Keith Alexander Speaks: "The NSA Protects America's Privacy And Civil Liberties"

Tyler Durden's picture

Authored by Keith Alexander (director of the NSA and commander of the US Cyber Command), originally posted at The National Interest,

Obama has identified cybersecurity threats as among the most serious challenges facing our nation. Secretary of Defense Chuck Hagel noted in April that cyberattacks “have grown into a defining security challenge.” And former secretary of defense Leon Panetta told an audience in 2012 that distributed denial-of-service attacks have already hit U.S. financial institutions. Describing this as “a pre-9/11 moment,” he explained that “the threat we face is already here.” The president and two defense secretaries have thus acknowledged publicly that we as a society are extraordinarily vulnerable. We rely on highly interdependent networks that are insecure, sensitive to interruption and lacking in resiliency. Our nation’s government, military, scientific, commercial and entertainment sectors all operate on the same networks as our adversaries. America is continually under siege in cyberspace, and the volume, complexity and potential impact of these assaults are steadily increasing.

Yet even as it confronts mounting threats, the United States also possesses a significant historical opportunity to deter them. America has built something unique in cyberspace—an evolving set of capabilities and activities that have not yet reached their collective potential. We have learned through two decades of trial and error that operationalizing our cyberdefenses by linking them to intelligence and information-assurance capabilities is not only the best but also the only viable response to growing threats. Our capabilities give us the power to change the narrative by making our networks more secure—and ensuring that cyberspace itself becomes a safer place for commerce, social interaction and the provision of public services. We want to take this opportunity to put these developments in historical context, and then explain why we as a nation must continue to build a cyberenterprise capable of guarding our critical infrastructure and population. We can and must do this while always protecting civil liberties, personal privacy and American values.

We now rely on social structures that barely existed 150 years ago. The order and functioning of modern societies, economies and militaries depend upon tight coordination of logistics and operations. Reliability of timing and flow has become indispensable for modern nations and their armed forces. This synchronization rests upon an infrastructure that allows communication, transport, finance, commerce, power and utilities to serve policy makers, managers, commanders and ordinary citizens in an efficient and reliable (i.e., unbroken) manner. Efficiency and dependability make realistic planning and effective operations possible across a whole society. Such intricate ties in the mesh of infrastructure systems also constitute a lucrative target for an attacker and a significant vulnerability for modern societies. Disrupt the synchronization, and the whole system of systems becomes unreliable—thus diminishing the nation’s power and influence.

This unprecedented degree of exposure to systemic dislocation was first anticipated over a century ago when British cabinet ministers and business leaders contemplated the potential for disruption to their entire economy if French armored cruisers even temporarily interrupted the empire’s overseas trade. The perceived peril to British society prompted the Royal Navy’s intelligence office to begin gathering data for the strategic assessment of risk and vulnerability. That effort convinced decision makers that Britain was vulnerable to disruption of its commerce and to sabotage of its war-fighting capabilities. At the same time, Royal Navy planners recognized opportunities to exploit Germany’s systemic vulnerability to economic disruption. This would require the coordination of a range of institutions and capabilities: financial services, international communications, shipping, energy, diplomacy, and naval and intelligence activities meshed into what historian Nicholas Lambert aptly describes as an “Armageddon” strategy.

London approved use of this collection of levers as a weapon against Germany in 1912, but when war came soon afterward British leaders quickly recoiled from the plan under economic and diplomatic pressure. Britain’s economic-warfare measures were proving to be shockingly effective. At the outset of war in 1914 a global financial panic affected world trade on a scale like that of 1929. Britain’s strategy swiftly exacerbated the crisis. Citizen and business confidence in economic institutions collapsed. Traders withdrew from markets. World trade ebbed. Commodity exchanges closed their doors. Banks recalled loans, and global liquidity dried up. In an increasingly globalized and interconnected world, moreover, many of the unintended victims of economic warfare were British.

While the British never fully implemented their 1912 vision of coordinated levers of power to defeat an enemy, the notion of employing strategic technological and economic power indirectly helped bring about a new capability in the United States. One of the most important pillars of Britain’s strategy, which was bequeathed to the United States, was a strategic signals-intelligence capability that served both national and battlefield users. By 1952, the United States had established the National Security Agency (NSA) as the capstone of a signals-intelligence enterprise. That capability became computerized over time, and the resulting “cryptologic platform” emerged as one of the bases of expertise and infrastructure for cyberspace and cyberoperations. From this emerged America’s military cyberspace architecture and capabilities. In 1981, the Pentagon gave the NSA the mission to help secure data in Department of Defense computers. In 1990, that role expanded to the government’s “national-security information systems.” The NSA also played a role in helping the government and military to understand the vulnerability of the nation’s critical infrastructure. When planning accelerated for military cyberoperations after 2001, the NSA provided expertise to the Pentagon’s new “network warfare” capabilities.

Since then, cyberspace has become vital for the functioning of our nation in the digital age. Our national digital infrastructure facilitates the movement of commodities and information, and stores them in virtual form as well. We now use cyberspace to synchronize those critical infrastructure systems that coordinated economies and militaries a century ago. Many of the same vulnerabilities that Royal Navy planners noted in 1905 apply in cyberspace and are magnified by our dependence on the information sector. The features that allow all these infrastructure sectors to link together in cyberspace, however, also make them accessible to intruders from almost anywhere at a comparative minimum of cost and risk. The cyberdimension, therefore, adds an unprecedented degree of complexity and vulnerability to the task of defending ourselves against a modern-day “Armageddon” strategy.

The century-old dream and nightmare of crippling a modern society by wrecking its infrastructure—or just by disturbing its synchronization of functions—is now a reality others are dreaming of employing against the United States. We do not know how effective such a strategy would be against the United States in practice, but glimpses of global financial panics in recent years should raise concern about even partial “success” for an adversary attempting such an attack.

Military Cyber-capabilities are now being “normalized,” following a traditional path from commercial innovations to war-fighting systems (much like that of aviation in the last century). Several nations have pondered cyberdoctrine for years at senior military schools and think tanks. Cyberattacks against Georgia in 2008 demonstrated how network warfare could be employed alongside conventional military forces to produce operational effects. Lessons learned from such operations are now being turned into tactics and planning by future adversaries. This normalization of cybereffects and their integration with conventional forces will not diminish their power—on the contrary, it will magnify it. Decision makers like former secretary Panetta have mentioned the possibility of a “cyber Pearl Harbor” to evoke our current predicament. We may have already witnessed the cyberequivalents of the sinking of a battleship at Taranto and practice runs with shallow-water torpedoes (the inspiration and preparation, respectively, for Japan’s Pearl Harbor attack).

Cyberconflict occurs on a second level as well. Three times over the previous millennium, military revolutions allowed forces to conquer huge territories and forcibly transfer riches from losers to winners (namely, in the Mongol conquests of China, Russia and Baghdad; the Spanish conquests of the Americas; and the European empires in the nineteenth century). Remote cyberexploitation now facilitates the systematic pillaging of a rival state without military conquest and the ruin of the losing power. We have seen a staggering list of intrusions into major corporations in our communications, financial, information-technology, defense and natural-resource sectors. The intellectual property exfiltrated to date can be counted in the tens to hundreds of thousands of terabytes. We are witnessing another great shift of wealth by means of cybertheft, and this blunts our technological and innovative edge. Yet we can neither prevent major attacks nor stop wholesale theft of intellectual capital because we rely on architecture built for availability, functionality and ease of use—with security bolted on as an afterthought.

The United States has not sat idle, however, in the face of diverse and persistent threats in cyberspace that no one federal department or agency alone can defeat. There is clear recognition that the nation’s cybersecurity requires a collaborative approach and that each department brings unique authorities, resources and capabilities to the table. The Department of Homeland Security is the lead federal department responsible for national protection against domestic cybersecurity incidents. The Department of Justice, through the Federal Bureau of Investigation, is the lead federal department responsible for the investigation, attribution, disruption and prosecution of cybersecurity incidents. The Department of Defense has the lead for national defense, with the responsibility for defending the nation from foreign cyberattack. This team approach helps us protect U.S. infrastructure and information, detect attacks and deter adversaries in cyberspace. Relationships also have been forged with private enterprises that carry the data (or create or study the hardware and software that manage the data). Working together, we are improving our knowledge about what is happening across the cyberdomain, enhancing shared situational awareness for the whole U.S. government while ensuring robust protection for privacy and civil liberties.

At the heart of our national-scale capability for defending the nation in cyberspace is the set of relationships for intelligence, analysis, and information security and assurance. The NSA makes that team work. The agency’s importance was reflected in then secretary of defense Robert Gates’s 2009 decision to designate the director of the NSA as commander of U.S. Cyber Command (USCYBERCOM) as well, and to locate the new command’s headquarters at Fort Meade, Maryland, alongside the NSA. Through these decisions, the department leveraged the similarities and overlaps between the capabilities needed for the conduct of the NSA’s core missions—signals intelligence and information assurance—and those of USCYBERCOM: to provide for the defense and secure operation of Defense Department networks and, upon order by appropriate authority, to operate in cyberspace in defense of the nation.

The NSA and USCYBERCOM operate under multiple layers of institutional oversight that reinforce our commitment to privacy and civil liberties. These include processes internal to both organizations, executive-branch oversight accountability mechanisms, congressional oversight and judicial scrutiny. Physical, managerial and technical safeguards serve to prevent, correct and report violations of procedures. There is a culture of accountability and compliance, rigorous training and competency testing, auditable NSA practices and self-reporting of incidents. The NSA and USCYBERCOM do not set these procedures but comply with very specific provisions approved by our nation’s lawmakers. Far from imperiling civil liberties and privacy, the tight links between the NSA and our growing cybercapabilities help to ensure professional, sober and accountable consideration of potential impacts from our operations.

The evolution of USCYBERCOM has reinforced the imperative for a close and unique connection with the NSA. The command’s creation in 2010 reorganized the department’s Title 10 “war fighting” segment of our cyberteam and represented a major organizational step toward developing and refining the Department of Defense’s role in strengthening the nation’s cybersecurity. Events since the formation of USCYBERCOM have taught us a great deal about the gravity of the cybersecurity threat, the development of the Department of Defense’s operational capabilities, the department’s role in a whole-of-government approach to cybersecurity, and structural, policy and doctrinal changes that are needed. Some of these changes can be implemented as part of the natural evolution of the command. Others require activity outside USCYBERCOM itself—within the Department of Defense, by the executive branch more broadly, by Congress and by the private sector.

The synergy between the NSA and USCYBERCOM is evident every day even if it is not visible. The cryptologic platform constitutes the collection of signals-intelligence and communications-security capabilities that since 1952 have served users ranging from national customers to departmental analysts to battlefield commanders. To the extent permissible by law, USCYBERCOM and the NSA have integrated operations, people and capabilities to help the nation and its allies respond to threats in cyberspace. USCYBERCOM’s defense of U.S. military networks depends on knowing what is happening in cyberspace, which in turn depends on intelligence produced by the NSA and other members of the intelligence community on adversary intentions and capabilities. USCYBERCOM’s planning and operations also rely on the NSA’s cybercapabilities. No one entity in the United States manages or coordinates all this activity on a strategic scale. It requires cooperation across government agencies and with industry.

The cyberteam works for strategic, operational and tactical ends, and it does so because we cannot afford (in terms of resources, security or missed opportunities) to maintain distinct capabilities for strategic, operational and tactical decision makers. This approach makes it possible for the United States to operate national-security information systems with some assurance of security; to understand the dimensions of the threats that we face; and to know which threats are exaggerated. It also gives us a measure of warning and situational awareness and is the basis on which those vital attributes will be improved in the future. What are the possibilities for maximizing its potential?

AT THE dawn of the “cyberage” in the 1980s, the United States was positioned to take a commanding military lead in this new domain. Much of the world’s cyberinfrastructure, capacity and computer-security expertise resided in America, and the U.S. government debated policies that might have made federal and critical infrastructure networks much more secure than contemporary external threats could have surmounted. The U.S. military and intelligence community held strong advantages in cybercapabilities that might have been mobilized in the 1990s. Although potential threats were recognized early, there was little urgency to reorganize and change established processes. By the time the United States started losing intellectual property on a massive scale in the middle of the last decade, the opportunity to capitalize on commanding advantages had been lost.

Today the United States is striving to maintain the edge it holds over potential adversaries in cyberspace. This advantage is preserved in part by the large U.S. government capacity in this domain. Our lead is also maintained by our adversaries’ own difficulties in crafting new policies, doctrines and organizations to operate in the new cyberdomain; in some cases their social and political contexts are even more challenging than ours. This American advantage might not last long. We still, however, would not trade our predicament for that of any other nation on earth. Every nation has significant vulnerabilities that can be exploited in and through cyberspace; almost alone among nations, we have the ability to lessen ours dramatically.

As then deputy secretary of defense William Lynn explained in Foreign Affairs in 2010, global circumstances continue to require an agile and technologically advanced cybercapability. We have made progress but still must do more to ensure that we have: the situational awareness needed to defend our networks; the authority to respond to threats to the United States, even beyond the boundaries of military systems; legislation that facilitates information sharing with the private sector; established security standards for critical infrastructure; trained and ready cyberforces certified to common, baseline standards; doctrine along with tactics, techniques and procedures for educating our armed forces on the conduct of military operations in cyberspace; a defensible cyberarchitecture enabled by the new Joint Information Environment (JIE); and clear lines of command and control to ensure network-speed decision making and action. The Department of Defense is making progress on an array of efforts to address these challenges, all the while protecting the privacy of our citizens and the civil liberties that are at the foundation of our political system.

The Pentagon is moving to reduce significantly the number of its networks and limit the points where those networks touch the Internet. Its new joint network—the JIE—is inherently more defensible than the fifteen thousand disparate enclaves that currently exist in the Department of Defense. USCYBERCOM is involved in efforts to leverage cloud-computing technology to dramatically increase the ability to safely and securely store and access data.

We continue to improve our ability to understand the vulnerabilities of our networks, the cyberenvironment and the capabilities of adversaries. Doing so improves situational awareness of what is happening in cyberspace for the benefit of government organizations, private industry and foreign partners.

We are aware that as we increase our dependence on networks in cyberspace, we must have a codified and logical manner by which to provide structure, command and control to our forces—and to allow the coordination and synchronization of U.S. military operations with those of our military allies and our partners.

We are developing a force capable of defending the nation in cyberspace, operating and defending Department of Defense information networks, and providing direct support to Unified Combatant Command plans and operations. These forces must be able to defend our national-security networks, providing a vital sanctuary from which we can operate even while under attack. Having such an assured capability will not only defend Department of Defense and national-security functions, but also help government and civilian networks by convincing adversaries that an “Armageddon” strategy will not succeed against America.

We are working to understand how existing international and domestic laws and norms apply in the new cyberenvironment. We are also developing processes and policies to manage cyberemergencies and to defeat cyberattacks.

Our reliance on cyberspace yields significant strategic benefits but also poses grave risks to our nation. The very nature of cyberspace is one of convergence—of networks, devices and people combining and interacting in new and increasingly complex ways. Communications that previously moved in separate channels now travel in one, global network—the Internet. We must be able to operate securely in this convergent space and to protect the broader social, political and economic developments that the digital age has brought us. The things we value—personal wealth, national economic prosperity, intellectual property, our nation’s defense secrets and even our way of life—are all targets for our adversaries. More and more, those treasures reside in cyberspace, and that is the battleground where adversaries can threaten us. The potential for strategic-level theft and disruption is growing as adversaries probe our critical infrastructure networks and take our data. We do not know how economically and physically damaging coordinated cyberattacks could be if mounted on a national scale—or if a “limited” attack could get out of hand and cause cascading destruction. But the vulnerability of critical infrastructure and the power of cyberweapons together represent serious cause for concern about the resiliency of modern, networked economies and societies.

Defending the nation in cyberspace, preventing strategic surprise and maintaining technological advantage all depend on collaboration, information sharing and a world-class workforce. This requires teamwork across the military, intelligence community, the federal agencies, industry, academia and our international partners. Leadership is vitally important as well. The U.S. government has made significant strides in defining cyberdoctrine, organizing cybercapabilities and building cybercapacity. We must do much more to sustain our momentum in a domain where adversary capabilities continue to evolve as fast as or faster than ours do. Our cyberteam can be the core of whatever national capability we build, but that capability must also extend well beyond the confines and authorities of the Department of Defense and even the federal government. Building that extended cyberenterprise now is indispensable to our ability to deter and defeat enemies in cyberspace so that they do not threaten our security, prosperity and way of life.

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.
g'kar's picture

That's a load off my mind...(I just took a dump)

King_of_simpletons's picture

.... And Congress is fiscally responsible and the Federal Reserve is not frivolous. Wall Street and Banksters are saints. Economy is booming. Unemployment is at historic low. Obamacare is the way to go.

NoDebt's picture

Well, I don't know about all of you, but I'm totally convinced.  Thanks for clearing that up, Keith.

Jeez, could that thing have been any longer?

GetZeeGold's picture



Thanks for looking out for us Uncle Keith!


First time I've ever agreed with Dianne Feinstein about anything....I thank the NSA for bringing us all closer together.

Element's picture

I distinctly remember reading 'cyber-space' fiction articles on gopher web that said in a few decades we'd have authoritarian people, like him, saying stuff like that, and spying in everything we do, no matter what we do or say about it, and that they would hack us at will, and take our data, and we'd never get it back again. It was all true.

outamyeffinway's picture

And that's just how the story begins!!!

exi1ed0ne's picture

TL;DR summary:

Move along, nothing to see here.  Look, (points vagely out the window) TERRORISTS!

Surly Bear's picture

I am shocked, just shocked...I mean really, I had no idea this was happening.

Anusocracy's picture

Total surveillance is absolutely necessary for the total State.

Skateboarder's picture

And only total queermos like this fool are absolutely necessary for total surveillance.

James_Cole's picture

Very informative, persuasive piece - only criticism I have is it felt a bit short.

Look forward to this mans book tour and hopefully a follow up artice on why he chose to model his command centre after a Star Trek ship rather than Star Wars. I get that there's no better persona to emulate than Kirk whilst protecting everyone's freedom, but wouldn't it be more fun to have light saber battles in-between safegaurding civil rights? Or imitating yoda when hacking Merkel's blackberry?

Inquiring minds want to know!

akak's picture

Keith went with the Star Trek formula because, you know, Kirk always got the woman.

Too bad he didn't realize that he was actually recreating the Borg.

MontgomeryScott's picture

Stardate 2259.3

Universal Translator summary:

Kieth Alezander, titular head of the 'M' in 'MIC':


(he forgot the obligatory '9/11' reference, however)

I was wondering how one 'recreates' the BORG. I suppose you are talking about 're-creation', as in the way that the mythical Phoenix bird was thought to be 're-created' from the ashes of whatever forest fire the ancient indigenous peoples in the Americas invented to help them stay 'spiritually centered' on their graven images (which subsequently burned all up).


WHAT do the BORG do in their 'off-hours' for fun or RECREATION?

I suppose that the females assimilate the blasts from the male weapons of ass destruction, and the males give speeches in front of the universal Congress, talking about how they are not assimilating others (except because of a galaxy-wide threat to all sentient beings known as 'AL'FRANKEN').

The 21st century is SO fucked up! It is a hard course to master. Give me some more tech journals to read...

EscapingProgress's picture

Welcome to America in the year 2013 where surveillance is privacy.

Titus's picture

The NSA and USCYBERCOM operate under multiple layers of institutional oversight that reinforce our commitment to privacy and civil liberties. ... Far from imperiling civil liberties and privacy, the tight links between the NSA and our growing cybercapabilities help to ensure professional, sober and accountable consideration of potential impacts from our operations.



Doubleplusgood! Reminds me of something I read somewhere:

War is Peace

Freedom is Slavery

Ignorance is Bliss

StychoKiller's picture

"Of course, being able to spy on political leaders, both external and internal to the USA (for blackmailing information), is just icing on the cake of "Total Information Awareness!"

 The missing statement in all that gobbledygook!


Citxmech's picture

GFD! - It sounds like he thinks he deserves a medal for "protecting" our privacy by tapping every electronic  communication in the entire world.

These clowns are completely out of control. . . 


Wahooo's picture

I hope he dresses up in crosshairs for Halloween.

gavrilo princip's picture

if there is a conspiracy, NSA is a liability. That is why it was probably possible for Guardian newspaper publish Snowdens files.


gavrilo princip's picture

and there is aplenty of the sheeple who believe mainstream uk paper is completely free when it comes to what they can publish. 

putaipan's picture

 been looking for a place to drop this. i always said the best perspective to take on snowden was to remember the full lesson of ellsburg- take the damaging truths revealed and work them for all they are worth, but remember the reveal in a larger context of why it was finally revealed.

really hate to be this conspiranoid... but i'm starting to think the reason hastings blew up was that he didn't want to play the little reveal. just sayin'.

gavrilo princip's picture

playing chess you need to be carefull of drawing conclusions when offered with a free piece by obviously tricky players. why do differently in life? 

Bananamerican's picture

He could have just said "none of your damn business" but a propa's gotta ganda

Pairadimes's picture

At least Mengele was a poet. This brand of sociopath wields the English language like a carton of smoke bombs.

Overfed's picture

I only got about half way through it before the headache became too much to bear.

lotusblue's picture

Self-righous menace.Alxander,Clapper,Fienstin,King-Danger to what little is left to our society.

"We didn't listen in on our allies but we'll stop doing it" WTF BS.

tHE STRUCTURE OR RATHER"systems built"Synchronous sytems" They allude to have grown to be DISMANTLED ! All this is is system to protect  and garner more $ for their codrie.

The spending for "security " is entirely out of proportion to any real threat !

The NSA created threat is so much greater !

No over site,no congress,no Sam Church.They know their time and the Jig is up !

CaptainObvious's picture

That was my thinking.  He used an awful lot of words to say, "Yes, we're spying on you, and yes, we'll keep on spying on you."  I don't care how this fuckwit justifies the spying, because we have this thing called a Constitution that nullifies all of his arguments.

Skateboarder's picture

"Just a document," "outdated," "doesn't apply to 'modern society' anymore," etc.

What kind of a document says only gold and silver coin can be currency lol. Everyone knows that a Capital One credit card is the only legitimate form of money. Samuel Jackson said so on a commercial and it sounded like his nuts hurt.

Seasmoke's picture

Keith will wipe your ass for you. 

DoChenRollingBearing's picture

Right, + 1

Keith is just another liar.

Colonel Klink's picture

I would like to add, FUCK YOU Keith Alexander you traitorous lying cunt!

DaddyO's picture

Off to the Gulag with you, Colonel!

Gen Alexander is a liar, plain and simple!


Colonel Klink's picture

I will not go off to the gulag.  I will go down fighting against tyrannical government.

Government forcing me to comply with fraudulent enacted laws will cause me to forfeit my life for the tree of liberty.

StychoKiller's picture

Hmm, does Major Hofstater have the ear of Herr Himmler?  Kleennnk!

Colonel Klink's picture

Yeah but our Hitler "knows nuthzink!"

King_Julian's picture

From the bridge of his starship... Keith "Capt. Kirk" Alexander.

El Vaquero's picture

I keep on saying it:  Put him in a zoo.  Put all of the fuckers who spy on us in a zoo.  24/7, no privacy.  I don't give a damn if it's prostate exam day, zero fucking privacy for these fucks.  If they have nothing to hide, they have nothing to worry about, right?  It would be a very fitting punishment.


So, if by "Gulag" you really mean a VERY public zoo, then I agree. 


PS:  Ya got that NSA?

Sean7k's picture

Let me add my Fuck You Keith Alexander, as well.

Crash Overide's picture

Stop spying on me you assholes, I will take my chances with the terrorists...

FieldingMellish's picture

Wednesday humor at its finest.

Headbanger's picture

Yeah and Hitler was really just an aspiring artist!

Dapper Dan's picture

We were the first to assert that the more complicated the forms of civilisation the more restricted the freedoms of the individual must become.

B. Mussolini.


Even the very poor have more personal freedom in an open society than a centrally planned one.


 Argentine Cardinal Bergoglio elected pope 2013


  • NSA surveillance programs leaked
  • Report: The NSA allegedly eavesdropped on cardinals before the conclave in March to elect a new pope, Italian weekly magazine Panorama reports - @AFP
    WillyGroper's picture

    They were just trying to verify he was Catholic.

    StychoKiller's picture

    Next up:  Bears, just where do they defecate?

    Mongo's picture

    As if we had a choice... fascists!

    One And Only's picture

    Right. He would have me believe Hitler protected the Jews too. Fuckin cunt.

    Azannoth's picture

    As a matter of fact, Hitler wanted to create an independent Jewish State .. only the jews had a problem with moving to .. Madagascar