WASHINGTON DC: Former NSA director general Keith Alexander has defended the PRISM programme he oversaw, arguing that leaks and fears about the mass surveillance project must not hamper the fight against cyber terrorists and crooks.
Alexander, speaking at the MIRcon conference attended by V3, said the NSA had only ever done as it was asked by the US government and that law-abiding citizens had nothing to fear from the programme.
"Some people ask if I feel like a pariah when discussing the Snowden leaks. I hear reports he was arrogant or wrong, but for me it's not that he took [the PRISM files], but that [afterwards] people believed the NSA was doing something wrong when we were doing what our country had asked us to do - doing things our government and courts had approved to protect us and our allies," he said.
"The way it was sensationalised, that was to me the most disheartening part, because I saw people willing to sacrifice their lives turned into stories to sell press.
"Your data is online, as is my data. If I talk to an Al Qaeda operative there's a good chance my data will be looked at. The same is true for anyone. Don't do it."
Alexander went on to argue that all safeguards were followed during the surveillance campaign and only a very targeted amount of data was analysed.
"Everything we do is audited. In the year [since the leak] our activities have been looked up, not one person has been found doing wrong that wasn't already reported," he said.
"Every [NSA] analyst is trained up on how to handle your data. If they looked at you the tag would be ‘unidentified US person' and if they make a mistake that's a violation and they'd be retrained. They go through 400 hours of training, that's more than pilots.
"There are only 140 to 180 numbers looked at per year by the NSA. I'd say if you don't agree with it come up with a better programme."
Europe's support for PRISM
News of the NSA's mass surveillance PRISM campaign broke in 2013 when controversial ex-CIA analyst Edward Snowden leaked classified documents proving the agency was collecting data from technology companies.
The widespread campaign is believed to have targeted a number of European governments and many, including the German government and European Commission, have demanded further transparency from the NSA.
The ex-NSA director disputed these rumblings by arguing that a number of unnamed allied intelligence agencies support the US operation.
"I had great partnerships with many European countries. They all said 'this [PRISM] is a political problem - keep doing where you're doing'. We have to figure out what to collect and get rid of what's not needed. These are political and policy decisions that will be made in the future," he said.
Alexander's comments follow debate about the need for reforms in the US and Europe's data protection laws and safeguards. US president Barack Obama pledged in January to examine and add fresh monitoring measures to control intelligence agencies' surveillance campaigns.
Alexander argued that the media circus around PRISM is doubly dangerous as it is distracting firms from more immediate cyber threats. He highlighted the high-profile APT1 and Dark Seoul hack campaigns as proof of the increased risk facing industry.
"As the director of NSA one of the things we predicted was the evolution of the threat going to disruptive attacks. This has occurred. One of the best moves that I saw in industry was when Mandiant revealed APT1," he said.
"What they did revealing that campaign, highlighted the risk to industry. Then in March of 2013 and June 2013 there were consecutive destructive attacks on South Korea that also represent the threat [facing us].
"Why do people attack cyber space and steal in it? Because that's where the money, intellectual property and secrets are. [All the threat actors] have come into this space. That makes our mission more difficult than ever before."
Alexander called for businesses to put their concerns about the NSA's practices to one side and work together to combat the real cyber threats.
"Symantec, FireEye, Ironnet and others all realise signature-based solutions are good for certain things, but they're not good enough for where we need to go," he said.
"We need behavioural models, that's where the race will be. We need real-time consumable threat intelligence messaging, to detect reports at speed within a network and among networks. These aren't technical challenges, we can do everyone of these. It's culture and the way we work today
"There is nothing to stop industry working together in cyber space. We can do it. The problem is cyber professionals look around and say 'I'm competing with these other guys'.
"The question is how we work together to solve this problem as no one company has a solution. It'll take several companies in a group to deal with the problem. The group to do this will be the next big player in cyber security."
Alexander highlighted education as another key area governments and businesses will need to address to cope with next-generation attacks.
"If you look at college students now half of what you learn in technology will be outdated by the time you get to your junior year. We're training people with technologies that will be outdated by the time they graduate to deal with problems we don't yet know about," he said.
The ex-NSA director's comments follow widespread warnings within the security community that firms are ignoring the cyber threat facing them.
FireEye chief operating officer Kevin Mandia argued that firms are continuing to take a head-in-the-sand approach to cyber security despite the discovery of state-sponsored campaigns, such as APT1, during an earlier keynote at MIRcon.
Australian government to require technology and communications companies to provide access to messages
New bill avoids demanding 'backdoors' in encryption, but includes measures to compel companies to provide access to encrypted communications
Indonesian overclocker Ivan Cupa (with the aid of a lot of liquid nitrogen) achieves record overclock on AMD's latest Threadripper
Ssupermassive black hole is so big it corresponds to four per cent of the galaxy's total mass
Imminent attack will target a single bank with cloned cards used to fraudulently withdraw millions over one weekend