National Security Agency Director General Keith B. Alexander addressed the attendees of the Defcon hacker conference in Las Vegas on Friday and asked for their help to secure cyberspace.
“This is the world’s best cybersecurity community,” said Gen. Alexander, who also heads the U.S. Cyber Command. “In this room right here is the talent our nation needs to secure cyberspace.”
Hackers can and must be part, together with the government and the private industry, of a collaborative approach to secure cyberspace, he said.
Hackers can help educate other people who don’t understand cybersecurity as well as they do, the NSA chief said. “You know that we can protect networks and have civil liberties and privacy; and you can help us get there.”
Gen. Alexander congratulated the organizers of Defcon Kids, an event dedicated to teaching kids how to be white-hat hackers, and described the initiative as superb. He called 11-year-old Defcon Kids co-founder CyFi to the stage and said that training young people like her in cybersecurity is what the U.S. needs.
The NSA director stressed the need for better information sharing between the private industry and the government and noted that the Congress is currently debating legislation to address this.
NSA’s and U.S. Cyber Command’s roles are to protect the nation from cyberattacks and foreign intelligence, Gen. Alexander said. The issue is that if you don’t see a cyberattack you can’t defend against it and at the moment, the NSA has no insight if Wall Street is going to be attacked, for example, he said.
Gen. Alexander pointed out that if the industry could share some limited pieces of information from their intrusion detection systems in real time, the NSA could take it from there.
The next step from information sharing is jointly developing standards that would help secure critical infrastructure and other sensitive networks, he said.
He encouraged hackers to get involved in the process. “We can sit on the sidelines and let others who don’t understand this space tell us what they’re going to do, or we can help by educating and informing them” of the best ways to go forward.
“That’s the real reason why I came here. To solicit your support,” he said. “You have the talent. You have the expertise.”
At the Aspen Security Forum conference on Thursday, Gen. Alexander revealed that there’s been a 17-fold increase in cyberattacks against U.S. infrastructure between 2009 and 2011, the New York Times reported.
The hacker community has built many of the tools that are needed to protect cyberspace and should continue to build even better ones, he said during his keynote at Defcon. He gave the example of Metasploit and other penetration testing tools.
“Sometimes you guys get a bad rap,” he said. “From my perspective, what you’re doing to figure out vulnerabilities in our systems is great. We have to discover and fix those. You guys hold the line,” he said.
Gen. Alexander’s presence at Defcon was a rare event. Before introducing him to the stage, Defcon founder Jeff Moss, who is the chief security officer of ICANN and a member of the U.S. Homeland Security Advisory Council, revealed that he has tried for the past 20 years to get a high-ranking NSA official to speak at the conference.