Web Feature Posted July 10, 2015
A Conversation With General Keith Alexander
By Clint Kelly (email@example.com) | Photo by Mike Siegel
General Keith Alexander
In his 40-year military career, General Keith Alexander has learned more than a little about the risk-taking and sacrifice required at the highest echelons of military and government service.
One of the greatest of these truths is John 15:13, emblazoned above the altar of his home church: “Greater love hath no man than this, that a man lay down his life for his friends.”
From 2010 to 2014, he was head of U.S. Cyber Command, and from 2005 to 2014, director of the National Security Agency and chief of the Central Security Service with oversight of national foreign intelligence, combat support, and U.S. national security information system protection responsibilities. A West Point graduate, he holds master’s degrees in business administration, electronic warfare, physics, and national security strategy.
The longest-serving director of the nation’s largest intelligence agency, Alexander addressed 1,000 business and community leaders at SPU’s 19th annual Downtown Business Breakfast on April 10, 2015, on “Espionage, Cybersecurity, and Privacy.” The evening before in Royal Brougham Pavilion, he presented a public lecture titled “Hackers, Spies, and Freedom” in which he spoke of the need to balance personal privacy with the greater good.
Alexander, who served under both Presidents George Bush and Barack Obama, was NSA director in 2013, when NSA contractor Edward Snowden leaked classified documents revealing a secret NSA program of phone and email surveillance. Charged by the U.S. Department of Justice with theft of government property and violation of the Espionage Act, Snowden remains in Russia while seeking asylum elsewhere.
Following his breakfast presentation, Alexander participated in a lively Q and A session with members of the audience, then sat down with Response for a candid interview ranging from national security concerns to his own personal experience with stolen identity. Here are some excerpts from that conversation.
Response: Not everyone would step up as you did and shoulder the responsibility for much of the nation’s security. You say there is power in a small community, such as the intelligence community, to get something done. What do you mean?
It’s what you teach at SPU about engaging the culture and changing the world. That goes hand-in-hand with stepping up. Students are now getting to the point in their lives where they are going to step out into the world and they have an opportunity. They can change the world, but it’s based on a whole series of things. It’s their ethos, their ethics, their moral values, their faith that form a great foundation for change. And if you think like that, even in crises, then the path is pretty straightforward. Might not be the easiest path, but it’s the right path.
What does it mean to you personally to have served our country in the ways you have?
It was an incredible honor and privilege to serve with the great people in the military and intelligence communities. I am extraordinarily proud of what we did to provide intelligence to our military in Iraq and Afghanistan, and then to take that and expand it into counterterrorism. The latter is much more difficult to show people, but just as important.
Tell us about the military history of your family.
My dad was a Marine who entered at the end of World War II. His brothers served in World War II. I entered West Point because my mother encouraged me to apply. I had full scholarships to Syracuse and Purdue, but when I was accepted by West Point and found out they actually paid you to attend and give you a job after, I thought, “This is a great place.”
I had no plans to stay beyond the five years you were required to stay, but a culture of people who would lay down their lives for their friends and for our nation was something. While it doesn’t pay a lot, it is really something to be a part of. I stayed.
There has been much questioning of the NSA and the handling of national security since 9/11. What has the change in national security looked like from the inside, while you were able to make as director of the NSA?
I was at the NSA at a time of tremendous transformation in government and in technology. Between 2005 and 2014, the network systems that deal in government technology changed significantly and gave me the chance to help remold the NSA. At the height of the Iraq and Afghanistan wars to focus the agency on defending our military abroad was a great opportunity. I think the folks at the NSA would say, “Yes, we’re proud of what we did.”
To change that world and make a difference was an amazing thing. Many would call me the first director of the NSA with a technical background. Others have tremendous insights in other areas, and so as leaders change, we can each bring something to that agency which is good for the country.
What is the new normal for government intrusion into our personal freedoms?
I don’t see it as an intrusion and would offer a new way to look at it. We the American people should come together and say, “Let’s put our data into a pot so that if terrorists are amongst us, they have to put theirs into the pot too.” Knowing that I don’t talk to terrorists, that I am not a bad guy, I can have complete confidence that in putting my information in the pot, I’m not offering up any of my civil liberties or privacy. Knowing that the data is regularly audited ensures that nobody does something stupid. Having said that, what we’re really doing is taking away from terrorists a venue for how they can come after us.
Next is to lay out the ways that our data will be protected because it is in that pot. Remember that anyone can look up your name and address online and find out more things about you than ever before. That data is available generally, not just to law enforcement and other agencies.
The intelligence community really doesn’t care about the U.S. portion of the data unless a terrorist group outside the U.S. tries to do something with the data. Then we in intelligence have a responsibility to help, and that’s what these programs at the NSA and the CIA are designed for. If we don’t do our part to say, “This is a bad group, and heads up, they just came into the United States,” we get 9/11. No, it’s not an intrusion, but actually a counterterrorism program for the benefit of us all.
I would turn your question around and ask, “How do we help the American people see this isn’t a mass surveillance program?” If you’re only looking at 100 to 200 people a month out of a population of 300-plus million, and you’re doing it 30 times a day times 30 days a month, that is a very focused counterterrorism program.
What do you consider the most common misconceptions about the NSA?
That the NSA and its people are listening in on our communications and reading our email. That’s wrong. The NSA’s job is foreign intelligence, not U.S. to U.S. communications. The key to that is terrorism. The NSA’s job is to track terrorists around the world, see what they’re doing, hear what they’re saying, and who they are going after. If a terrorist talks to somebody in the United States, we collect that conversation through a court order.
The NSA is not doing mass surveillance on the American people. Politicians who, for political gain, hold up their iPhones and say, “They’re listening to our phone calls” know that is not the truth. They should be politically penalized, and the press should be held accountable for responsible journalism.
Government agencies are really doing what we asked them to do. They’re protecting us and doing it right by following the law.
You retired from government service and went into cybersecurity with your own private firm. What were you thinking?
My wife asks me that.
Your IronNet Security website states that in 2014, $364 billion was spent worldwide to combat and recover from data breaches. Who pays for that?
We all pay for it. Industry absorbs the cost but that cost is transferred onto the customer. Not only do the cost of goods and services go up, but we are forced to take costly internal measures to secure our systems against attack. The theft of intellectual property is even greater. Our nation has flourished on innovative ideas like cars, airplanes, and the Internet. Think of all the things and the companies and the ideas that we, the innovation nation have created, and many of those ideas have been stolen. It’s the greatest transfer of wealth in history. Our children’s future is dimmer because we have lost our hold on many of those ideas and patents.
Have you personally experienced cybertheft?
Yes. Cyberthieves stole the personally identifiable information of key government officials, including mine, off of a government server someplace. Our names were stolen along with our Social Security numbers, dates of birth, and other things that can be used to create credit cards and file income tax forms. Last year when I was doing my taxes by TurboTax and pressed the send button, I got a message that said I had already submitted my taxes. Oh, no, I hadn’t! I pressed the submit button again. Same message. I called TurboTax. Fortunately because we did our taxes early, I was able to stop the process and the thief did not get what he was after. That set a whole series of things in motion and they actually caught the guys here in the U.S. So I joined LifeLock to protect my computer system and that’s an expensive $500 a year out of my pocket. There are other companies like that and they’re worth the money to stop the headaches.
We hear often of companies hit by hackers and their customers’ private information stolen. Can anything be done to prevent it?
Fear not, we are going to come up with ways to secure cyberspace; it’s just a question of time. It’s up to the tech companies to deliver this. I’d like them to see them do it over the next year or two. What my company is offering this summer will be a huge step forward. But no one company can secure a network. Companies must work together to come up with the right approach for a comprehensive cybersecurity solution. The race is on and that’s a good thing.
What do you consider the biggest cyberthreats to Americans today?
Most obvious is cyberterrorism. Game changers, such as Iran, Ukraine, and others. That offers the probability of increased tension throughout the Middle East. The way it’s going, I’m concerned about that becoming a war on Islam. Preventing terrorist attacks helps ensure we don’t get to that war. No one wants that except the terrorists. We need to make sure that law enforcement and the intelligence communities have the tools they need to stop terrorist attacks inside this country. Congress needs to ask if they are appropriating the tools and if not, why and what does that mean?
Next is cybercrime being used as a way of pushing back our country. That’s why when you hear of attacks on Home Depot or Target, it often involves URLs coming out of Ukraine or Russia that point back, say, to the U.S. position on Ukraine. Cyber is an easy way to attack our country and it is being used more. It doesn’t cost a lot of money and doesn’t take a lot of time.
When people’s personally identifiable information is stolen, that means that some percentage of those people will have their information used to create credit cards and other fraud, and that’s a tax on our entire system. Even if it’s only 10 percent of the millions of IDs stolen, that is money being taken out of our nation. Sure a company can underwrite and “replace” the money but the money taken is gone. In total, it is a transfer of billions of dollars that could be used for other means, like paying down the national debt. For the average American, it means the cost of living goes up and that our nation’s financial capabilities and actual financial stockpile is being stolen.
Is there a government power or country in the world that does not practice espionage?
I can’t name one. There are more than 100 countries using cybercapabilities.
Can you point to an historical example of how the American citizen has benefited from the U.S. practice of espionage?
Enigma, World War II. We broke the German code, and the war in the Atlantic swung in favor of the Allies. We fought the war largely based on the information gained from Enigma. The intelligence gained significantly helped us, the war was shortened by at least two years, and countless lives were saved.
In Iraq, intelligence helped us take down a number of adversaries. It stops terrorist attacks. There are people alive today in New York City who don’t even know they would have been killed had the 2009 plot to attack the New York subway not been stopped.
Our country has a tremendous intelligence system. And despite what you read, it has very good oversight by Congress, the courts, and the administration to ensure that it is done right. Granted, it’s complex, but it is built on a set of principles that go back to the ethos we talked about: duty, honor, country.
Of course, countries act in their own self-interests, and here’s the big problem. Everybody spies on everybody, but nobody likes to admit it. If every country we dealt with was transparent and straightforward with us, then there would be no need to spy. But oftentimes their interests and ours are not aligned and the consequences could be dangerous, as in war in the Middle East. The development of a nuclear weapon by Iran is a huge issue for everyone. It is the constitutional authority of the president and others in Washington to ensure against threats like that. So what is it worth for us to find out that information? If we don’t, and they get nuclear weapons, and then they collapse like many governments in that region are doing, where do those weapons go and where are they used?
Are you surprised by the public response to Edward Snowden? Some consider him a kind of folk hero, while others see him as a traitor.
Well, half the people are right. It goes back to this: How do you get the facts out? If the American people knew what I know, they would be very concerned about what Snowden has done. He took an oath to support and defend the Constitution of the United States against all enemies foreign and domestic. Why, then, did he do what he did? Why did he go to China and then Russia with over a million top-secret U.S. documents, when he said all he wanted to do was expose a program, an action that would have required just two documents?
So there he is in Russia. Why Russia? If he really is the hero some people make him out to be, he would have taken those two documents, walked out of the NSA, stepped up to a TV camera, and said, “I will face imprisonment to expose this.” I don’t think he realized that what he exposed is our Constitution at work. Congress, the courts, and the administration did that. It wasn’t something that the NSA was doing under the covers. It was an approved program that the NSA was directed to run. What if someone like Snowden had stolen the way by which we were solving Enigma and had raced to Germany with that? We’d have lost the war. Would he have been a hero then?
What has humbled you over time in the process of becoming a cybersecurity expert?
Another thing is faith. Seattle Pacific University is really good at that. The recognition that we are all mortal, here on earth only for a time. Realizing that, you step back and say, “Everybody counts. Treat everybody the right way.” I learned from one of my bosses 30-plus years ago that if we treat people as if they are the most awesome and incredible people, they will rise to the occasion. In government and industry, treat your people right, and they will do everything that you have asked and more.