Nation-state cyberattacks rising, warns former NSA director
Speaking at RSA Conference 2017, former NSA Director Keith Alexander warned of increased nation-state cyberattacks and called for an overhaul of U.S. government cybersecurity.
SAN FRANCISCO -- Former National Security Agency Director Keith Alexander warned of increased nation-state cyberattacks against the United States and its allies and urged a rethinking of government cybersecurity strategy.
Retired Gen. Alexander, who is also founder and CEO of infosec consultancy IronNet Cybersecurity, spoke Monday at the Cloud Security Summit during RSA Conference 2017 about the cyberthreats governments face today, as well as the cloud security benefits available to both public and private sector organizations. Alexander, who spent 40 years in military and government service, described how the "massive rate of change" in technology has made government cybersecurity defense more challenging.
"The last 10 years of my service saw the biggest changes in technology," Alexander said. "In that same 10 years, the amount of new data created doubled every year."
Along with those changes and advancements in technology, he said, have come more serious and imposing threats. "All of the sudden, cyber has become an element of national power," Alexander said. "Whether we like it or not, it's an element of national power."
He described several examples of nation-state cyberattacks perpetrated by Russian and Iranian hacking groups, including an incident in 2008 where the NSA found 1,500 pieces of malware on a classified U.S. Department of Defense network. Alexander's agency was then charged with cleaning up the network, which it did in less than a day. "In 22 hours, they had the system back up," he said. "Nobody else in the world could have done that."
Need for cohesive cybersecurity strategy
Despite that achievement, Alexander said, U.S. government cybersecurity is still in drastic need of an overhaul, starting with a strategic shift in how it protects each individual agency and department.
"Who has the money, the expertise and the resources to have real IT cybersecurity capability in government?" Alexander asked. "Look at OPM [Office of Personnel Management]. They got hacked. Why? They didn't have the resources."
Retired Gen. Keith Alexanderformer NSA director
With a growing number of nation-state cyberattacks to deal with, Alexander said, the U.S. government can't afford to leave each agency and department on its own to contend with the threat.
"If you go through all of the government agencies, and you think about it, we've left them on their own to defend themselves as if they were individual people out there fighting by themselves -- but they're not," Alexander said, stressing the need for a cohesive security strategy and defense posture that's shared across the federal government.
As a partial solution to the problem, Alexander encouraged smaller government agencies as well as small and midsize businesses to take advantage of cloud security benefits. "Here's where I think the cloud helps us take several steps forward," he said. "It provides us an opportunity to bring smaller and midsize players together and give them the cybersecurity they need, whether it's the private sector or those government entities that don't have those capabilities."
Alexander also advocated for threat intelligence sharing between businesses and government agencies to strengthen their collective security posture. He said smaller organizations sharing a common cloud-based security platform will be able to generate valuable information about impending threats or risks that can be shared across the platform.
"We could come up with a defensive surface that is orders of magnitude better than what we have today," Alexander said.
Cris Thomas, security strategist at Tenable Network Security, agreed that nation-state cyberattacks are trending toward more dangerous and potentially destructive threats.
"At some point these nation-state attacks are going to lead to destruction -- not just destruction of data but potentially physical destruction," he said. "I think there's going to be a refocus in the government on cyber defense, which is good because right now we don't know who's on our networks and where the vulnerabilities are."