Among the greatest threats to national security are cyber attacks that destroy invaluable network infrastructure, according to the United States’ top cyber security expert.
Gen. Keith B. Alexander, head of the U.S. Cyber Command, director of the National Security Agency and chief of the Central Security Service, traced the evolution of that threat on Jan. 12 at Fordham.
Until 2007, cyber attacks were limited mostly to criminal efforts—hacking into personal or corporate systems to steal valuable information, Alexander said.
In May of that year, however, Estonia was subjected to distributed denial-of-service attacks over a political issue—the relocation of Soviet graves. The attacks swamped websites of Estonian organizations, including its parliament, banks, ministries, newspapers and broadcasters, temporarily shutting them down.
“That changed our look at cyber security from one of exploitation to one of disruption,” Alexander said in the Special VIP Keynote Address at the third annual International Conference on Cyber Security.
“What I’m concerned about is the next phase—going from disruption to destruction,” he explained. “Every one of these devices that we have—mobile and fixed—can be destroyed by a significant cyber event. We can not let that happen.”
The answer is not to limit the growth of computing technology, which Alexander said brings tremendous social benefits.
Instead, he advocated collaboration between the government, industry, academia and American allies to develop better methods of detecting cyber attacks before and after they occur.
“Cyber defense is mostly reactive. A perimeter defense is established, and when an incursion occurs, we fix the defense, clean up the system, apply the lessons we’ve learned and then wait for the next event,” he said.
“We can no longer look at this as a point defense,” he continued. “This has to be a defense that brings both our offense and our defense together, pools all of that knowledge, and works inside our network to become active.”
Alexander shared some steps taken by the Department of Defense to secure its network, which consists of 7 million devices that are IP addressable and features 15,000 enclaves—segments of internal networks that are defined by common security policies.
“First of all, you have to have an infrastructure that’s defensible,” he said. “With 15,000 enclaves, you can not see them all and you can not defend them all.”
To streamline the department’s network and save on costs, the following goals were established:
• reduce the number of desktop applications by 5,250;
• cut the number of help desks by 50 percent, with the ultimate goal of further reducing their presence from 900 to two;
• eliminate 40 percent of data centers; and
• reduce network enclaves by 80 percent.
“Reducing network enclaves will save us 30 percent of our IT budget costs by 2015-2016,” he said. Contributing to that is a 40 percent reduction in system administration costs and $100 million in savings from software licenses.
“Our nation needs those savings,” he said. “These are the kinds of things that we should force through our government to help save money. It’s the right thing to do.”
Alexander admitted that cyber defenders have their work cut out for them. In the past two years, hackers have infiltrated the systems of major corporations such as NASDAQ, RSA, Sony, Citigroup, Lockheed Martin, Booz Allen Hamilton and Mitsubishi, among others.
“You look at RSA and NASDAQ and they are the gold standard for securing cyber,” he said. “They’re the ones who know they’ve been hacked. What we see is 100 times that number who don’t know they’ve been hacked.
“When the best in the industry are getting hacked, this shows that cyber security has to be a partnership between government, allies, industry and academia. I can’t say that enough.”