08.02.14
Keith Alexander really IS a pariah
In twenty years of writing about computer and national security issues, I’ve never anyone from the top of the US military quite as grasping as former NSA director, Keith Alexander.
He’s redefined retiring from service at a whole new level.
And I know of no military men, or directors of any intelligence agency, to claim they’re going to be filing patents for security inventions after leaving their public sector jobs.
[Alexander, in an interview Monday, said he has developed] a new technology, based on a patented and “unique” approach to detecting malicious hackers and cyber-intruders that the retired Army general said he has invented, along with his business partners at IronNet Cybersecurity Inc., the company he co-founded after leaving the government and retiring from military service in March. But the technology is also directly informed by the years of experience Alexander has had tracking hackers, and the insights he gained from classified operations as the director of the NSA, which give him a rare competitive advantage over the many firms competing for a share of the cybersecurity market …
Alexander said he’ll file at least nine patents, and possibly more, for a system to detect so-called advanced persistent threats, or hackers who clandestinely burrow into a computer network in order to steal secrets or damage the network itself. It was those kinds of hackers who Alexander, when he was running the NSA, said were responsible for “the greatest transfer of wealth in American history” because they were routinely stealing trade secrets and competitive information from U.S. companies and giving it to their competitors, often in China.
Keith Alexander wants you to believe, along with all the other simpletons and sycophants in the natsec journalism business, that he’s so insightful, so inventive, that at night — or in off hours from the NSA, he came up with unique computer security concepts and inventions that he will now sell or lease to the private sector.
After years of building the biggest cyberwar machine in the world on the taxpayer dime, without any apparent oversight at all. And, of course, all while undermining the basic security of the internet, launching clandestine malware attacks on nations in the Middle East, hoarding computer security vulnerabilities and greasing a global clandestine market for the buying and selling of them.
In 1994, for Issues in Science & Technology, in a very old piece entitled Electronic Pearl Harbor, Not Likely, I wrote:
Another reason to be skeptical of the warnings about information warfare is that those who are most alarmed are often the people who will benefit from government spending to combat the threat. A primary author of a January 1997 Defense Science Board report on information warfare, which recommended an immediate $580-million investment in private sector R&D for hardware and software to implement computer security, was Duane Andrews, executive vice president of SAIC, a computer security vendor and supplier of information warfare consulting services.
Assessments of the threats to the nation’s computer security should not be furnished by the same firms and vendors who supply hardware, software, and consulting services to counter the “threat” to the government and the military. Instead, a true independent group should be set up to provide such assessments and evaluate the claims of computer security software and hardware vendors selling to the government and corporate America. The group must not be staffed by those who have financial ties to computer security firms. The staff must be compensated adequately so that it is not cherry-picked by the computer security industry.
In twenty years, Keith Alexander is now on top of a situation that is just the opposite.
He spent his career lecturing and warning of devastating cyberattacks on American infrastructure. Most notably, he insisted again and again that Chinese hackers were stealing so much from corporate America in the way of information and private intellectual property, it constituted the greatest transfer of wealth in history.
If you’ve been on food stamps, the unemployment line, or been otherwise damaged by the Great Recession, you may have missed it.
This is the picture: Grasping Keith Alexander spends his career publicly warning that America’s financial system was imperiled by cybewar, all while building the world’s biggest cyberwar apparatus. And now that he has retired he intends to sell his soon-to-be-patented computer security innovations to corporate America so that they can be shielded from the attacks he spent years telling them are coming and which have already allegedly stolen much of its intellectual wealth. (Which is presumably why they’re all doing legal foreign merger tricks to avoid the payment of tax owed the US govenrment. Which was protecting them, or trying to, in cyberspace.)
Although the Issues in Science and Technology article is a very accurate slice of history from two decades ago, much in Electronic Pearl Harbor, Not Likely is pretty dated, quaintly naive even, and no longer relevant to the computer security discussion. Virus hoaxes are no longer around. Malware production exploded. Computer virus production became professionalized and they’re now used as clandestine weapons of war.
I wrote that it would be hard to do such things. And it has been hard.
It takes government agencies like the NSA to develop things like Stuxnet. And the phenomenon took years to arrive but nevertheless, it has arrived.
But electronic Pearl Harbor never happened. Even though many still warn about it, first among them being Keith Alexander when he was director of the National Security Agency.
And the part about conflicts of interest and casting a skeptical eye upon those who do threat assessment and then seek to immediately gain financially from the impact of such assessments has not changed.
It’s become much worse and Keith Alexander is now the very best example of it.
Keep in mind, this is all part of the expansion of internet spying and its secret infrastructure, he supervised and which was exposed by Edward Snowden. And Alexander’s work has not made the internet more trustworthy.
Quite the contrary, Alexander is seen as primarily responsible for damaging the global reputation of the United States when it comes to acceptable conduct in cyberspace.
Alexander, justifiably, is and should be a pariah. And we dig our global pariahs in 2014. It’s a national character trait. So we should own up to it because we deserve the guy and his grasping.
Douglas Stewart said,
August 3, 2014 at 12:49 pm
Great post. Its insanely odd – and definitely a first, as you mentioned – that someone would retire from getting a publicly funded paycheck as a spook and then hope to capture the market through patents.
One problem with having “1sts” is that it sets a precedent; a standard that many, if not all, will soon follow. That has the potential to be a problem just as large as the entire “spying on Americans” fiasco.
George Smith said,
August 4, 2014 at 10:03 am
There’s no correction, from either or outside the system. It’s not even possible. The only thing to notice the stream of occasional reports indicating foreign countries are declining to do business with American tech companies and arms manufacturers, when they have the opportunity. Being a pariah is an asset here. The only thing stopping the US from being regarded as a pariah state is the gigantic global national security apparatus (which people are legitimately afraid of), the dollar as the US reserve currency, and the iPhone, I think.
Anonymous said,
August 8, 2014 at 9:22 am
The easy way to solve this and similar problems is to remove the economic incentive for military retirees to peddle their influence and/or insider knowledge. Simply outlaw second careers by retired military veterans. End of story. You work, you lose your military retirement benefits.