« Return to News

NSA Director: Defense not enough in cyber security [Tulsa World]

NSA Director General Keith B. Alexander
Gen. Keith B. Alexander, director of the National Security Agency, speaks Monday at the University of Tulsa. STEPHEN PINGRY / Tulsa World

By ROBERT EVATT World Staff Writer
Published: 4/26/2011  2:23 AM
Last Modified: 4/26/2011  5:16 AM

Gen. Keith B. Alexander, commander of the U.S. Cyber Command, director of the National Security Agency and chief of the Central Security Service, says at least 5,000 new bits of malicious code show up on the Internet every day.

Alexander, who spoke Monday at the University of Tulsa, said these constant new threats mean that simply throwing up a computer firewall and fixing things when they break isn’t good enough.

“We can no longer depend on a static defense,” he said.

And it’s not just individual computers or companies that could be vulnerable. Alexander noted that as utilities such as electricity and water systems grow increasingly computerized and interconnected, they too could be brought down by a cyber attack.

Already some utilities have experienced outages because of computerization. Alexander pointed out that the electric grid in the Northeast went down in 2003 because of software anomalies, and the Sayano-Shushenskaya hydroelectric dam in Russia suffered a catastrophic turbine failure in 2009 that killed 75 people because its stability software was down.

Alexander said protecting U.S. infrastructure is a priority, though the fragmented nature of the various technologies used by different utility companies make the effort challenging.

“If we only protect the military networks and not the infrastructure, then we’ll have a great network that won’t be able to talk to anyone,” he said.

Worries about civil liberties often come up in discussions about computer security, and Alexander said he and his team are concerned about it, too. He added that the NSA “doesn’t go through people’s emails.”

“We’re not asking for one over the other; we should have both civil liberties and protection,” he said. “As Americans, we should demand it.”

Alexander said his agency’s cyber activities are both defensive and offensive in nature, though he said he could not elaborate on particular offensive operations. He did note that the rules of computerized warfare are still being determined, such as what happens when an attack is routed through a hostile nation, a neutral country or the United States itself.

“These are issues we have to work our way through, because the laws and boundaries aren’t clear,” he said.

Some of those working in computerized defense under Alexander are graduates of TU, which he called a leader in the cyber security field.

“When I talk to people at the NSA, they have great things to say about the University of Tulsa,” Alexander said.

Original Print Headline: Proactive measures needed in cyber fight

Robert Evatt 918-581-8447
robert.evatt@tulsaworld.com
By ROBERT EVATT World Staff Writer

Copyright 2012 World Publishing Co. All rights reserved. This material may not be published, broadcast, rewritten or redistributed.

Read more from this Tulsa World article at http://www.tulsaworld.com/business/article.aspx?subjectid=52&articleid=20110426_52_E1_CUTLIN111008