NSA Director Lt. Gen. Keith Alexander tells senators the U.S. Cyber Command aims to protect the privacy of American citizens despite the uncharted legal territory in cyberspace.
Lt. Gen. Keith Alexander told
the Senate Armed Services Committee
April 15 that he would work to protect
the privacy rights of Americans-even as he noted the amount of uncharted
territory in cyber-law.
Currently director of the National Security Agency, Alexander has been
nominated by President Obama to head the U.S. Cyber Command. The Cyber
Command is a subordinate unified command under the U.S. Strategic Command,
and was created in 2009 to protect Department of Defense networks and
coordinate the country's cyber-warfare operations.
If confirmed, Alexander's main goal would be to build "the
capacity, the capability and the critical partnerships required to secure our
military's operational networks," he told the committee. This
position, he said, is not about trying to "militarize cyberspace,"
but about safeguarding the integrity of the military's critical
However, the complexities of securing
were not lost in the discussion. Alexander noted that it is much
more difficult to distinguish neutral countries and adversaries in cyber-war
than in physical war, because a "cyber-attack could bounce through a
Sen. Carl Levin, chair of the committee, questioned how Cyber Command would
react in the event of a cyber-attack on the country's utilities that originated
overseas but made use of computers in the United
Alexander said that scenario would primarily be the responsibility of the Department
of Homeland Security, which is tasked with protecting the nation's civilian
infrastructure, but the Cyber Command would get involved if asked for
"The issues now though are far more complex because you have U.S.
persons, civil liberties, privacy all [coming] into that equation ...while you
try to, on the same network, take care of bad actors," he said.
In an e-mail to eWEEK, Patrick Gorman, former Associate Director of National
Intelligence at the Office of the Director of National Intelligence, said
properly identifying who attacked and from where, as well as the
impact of the attack, are key elements of a sound cyber-security policy.
"Taking action means [using] defensive means as well as offensive
means," said Gorman, now a principal at consulting company Booz Allen
Hamilton. "If a missile were fired at the United
States, we would not hesitate to
intercept the missile, regardless of who fired it. On the other hand,
retaliation requires attribution and a proportionate response. So exact and
certain attribution should not preclude a prompt and proportionate
response to defend government networks and critical infrastructure."
Though Alexander said there is "much uncharted territory in the world
of cyber-policy, law and doctrine," he stressed that the Cyber Command
would respect the privacy rights of Americans.
"While cyberspace is a dynamic, rapidly evolving environment, what will
never change will be an unwavering dedication by both Cyber Command and the
National Security Agency to the protection of civil liberties and the privacy
of American citizens," Alexander said.
"We face a growing array of cyber-threats from foreign intelligence
services, terrorists, criminal groups and individual hackers who are capable of
stealing, manipulating or destroying information that could compromise our
personal and national security," he told the committee. "The
Department of Defense in particular requires a focused approach to secure its
own networks, given our military's dependence [on those networks] for command
and control, logistics and military operations."