Cyber warfare is one of the most potent security threats the United States faces, National Security Agency Director and Commander of the US Cyber Command General Keith Alexander told the crowd at the Aspen Security Forum in Aspen, discussing in conversation with NBC News Correspondent Pete Williams the nature of the threat and how his department is working to address it.
With the Stuxnet, Duqu, and Flame viruses in the fore of the public consciousness, Alexander took pains to point out that nation-states were not the only potential cyber actors. Citing power and water grids as his chief concerns, he said, “Somebody who finds vulnerability in our infrastructure could cause tremendous problems. They could erase the Input/output of a system so it can’t boot, and would have to be replaced. And these capabilities are not only nation-state-only capabilities.”
Alexander assessed the US’ readiness to confront such an attack as a three on a scale of ten, calling lack of adequately trained cyber defense forces the critical impediment to greater preparedness. “Our issue isn’t [having the tools] to address the threat,” he said. “It’s having the capacity, and building and training cyber forces. We have a big requirement, and a small force that is growing steadily.”
Alexander advocated for legislation, like the Cybersecurity Act currently before Congress, to give the Department of Homeland Security a greater role in setting appropriate security measures for critical infrastructure. Up for debate is whether industry will be required to comply with these standards, or receive incentives for so doing. Predicting that the current legislation would pass with incentives rather than requirements, Alexander qualified that “what we legislate is something that over the next few years will continue to evolve, and it must because the networks will continue to evolve.”
Ultimately, Alexander said, it will take all stakeholders coming together to determine standing rules of engagement. “Working with industry under the new legislation, they would be able to share the information that an attack just hit their first line of defense with the Department of Homeland Security, where it would then be spread out to the rest of government. Everyone sees the information at the same time,” he said. And in an era where technology has winnowed the window of response time to milliseconds, Alexander’s point is timely and persuasive that this level of coordination is more imperative than ever before.
Watch the full video: