Josh Gerstein
April 30, 2015
Two former high-ranking U.S. officials presented different perspectives Wednesday on the current risk of a serious or catastrophic cyberattack against the U.S.
Former National Security Agency Director Keith Alexander said the danger of such attacks is growing. He laid out scenarios where a bad actor might take down the power grid and mount a cyberattack on the financial sector at the same time, causing a high degree of panic, confusion and economic damage.
“The use of cyber, both for criminal activity and for nation-state, has had a significant rise in the last seven, eight years. … We see this only picking up,” Alexander said at a discussion in Washington organized by the Aspen Security Forum. He said he was optimistic that Congress may be on the verge of passing long-debated cybersecurity legislation intended to facilitate information-sharing between industry and government.
“We’ve told them it’s a crisis,” Alexander said of the message he’s delivered to lawmakers. Director of National Intelligence James Clapper has also put cyber atop his annual list of threats to U.S. security.
However, speaking to the same group, former National Counterterrorism Center Director Matt Olsen said that while the greatest risk of a devastating cyberattack remains in the future, more conventional forms of terrorism are a greater danger right now.
“The threat from terrorism is our No. 1 threat and remains that and is becoming more complicated,” said Olsen, a former federal prosecutor. He described cyber danger as an “emerging” threat on the upswing but an area where the capabilities of U.S. foes are still developing.
Olsen also suggested that while groups like the Islamic State of Iraq and the Levant had “seized our attention” with videotaped beheadings and other atrocities, he still sees the Al Qaeda offshoot in Yemen, Al Qaeda of the Arabian Peninsula, as the greatest threat for an attack on the U.S. But he acknowledged that the emergence of smaller militant groups in places like Syria and Libya is complicating the government’s efforts to keep tabs on the problem.
“Some [groups] are focused on us and attacking us. Some are focused on regional goals, but they may soon turn their attention to the U.S.” said Olsen, who’s partnered with Alexander on a cybersecurity venture. “It’s also become more complicated because of the geographic spread. … The strategy is hard.”
In light of President Barack Obama’s acknowledgement last week that American and Italian aid workers were killed in a U.S. operation in Pakistan said to involve a drone strike, Olsen was asked to describe how the government decides to OK such attacks. He said he helped draft the policy Obama outlined in 2013 requiring that drone strikes be authorized only where an effort to capture a targeted militant is not feasible and where the threat of attack is imminent.
“One of these questions that I think is really hard and that we’ve spent a lot of time on is this idea of what’s an imminent threat,” said Olsen. “It might mean something … less demanding in the context of a group like Al Qaeda as opposed to how you might in your everyday life think about imminent. The way we talk about it in these operations is: Is there anything more that has to happen for this group to be able to carry out an attack? And have they done what they need to do and we may not have another opportunity to deal with it, to do something that would stop them from carrying out an attack? And that’s the way we talk about: Do they pose an imminent threat?”
Olsen described the judgment on feasibility of capture as a “common-sense” one and said it did not involve political considerations about the country involved. However, White House press secretary Josh Earnest said last week that questions about the reaction of local residents to U.S. troops factored into such decisions. The explanation led to the possible conclusion that the 2011 U.S. raid in which Osama bin Laden was killed in Abbottabad, Pakistan, was, in fact, not “feasible” under the current standards.
Some tense moments at the session came when journalist and author Jim Bamford asked Alexander about testimony he gave to a House panel in 2012, assuring Rep. Hank Johnson (D-Ga.) that the NSA wasn’t vacuuming up the communications of Americans.
“Does the NSA routinely intercept American citizens’ emails?” Johnson had asked.
“No,” the then-NSA director said.
Bamford said NSA leaker Edward Snowden concluded that Alexander’s testimony was not true. According to Bamford, Snowden cited a desire to rebut it as one of the reasons he decided to copy data he had access to about the agency’s surveillance efforts and share it with journalists.
Johnson “did ask a series of question on this, and I answered those, I think, exactly correct,” Alexander said. “We went back over the record and ensured, with our legal folks, that I answered those exactly correct.”
Critics have said Alexander’s answers ignored the fact that information on Americans’ phone calls are routinely collected by the NSA’s phone metadata program and the content of communications of Americans are regularly picked up as the agency pulls in Internet and email data from foreigners’ accounts.
Alexander emphasized that the phone program doesn’t collect content of phone calls. He also said his answers were accurate because the surveillance conducted in the U.S. and revealed by Snowden takes place under legal authorities considered part of the Foreign Intelligence Surveillance Act.
“But your answer was simply, ‘No,’” Bamford replied. “You didn’t explain all those things.”
“I don’t buy that. I really don’t buy that,” Alexander insisted. (The whole Johnson-Alexander 2012 exchange is here.)
Alexander also said that Snowden needed to take only two documents to reveal the phone metadata and PRISM programs but took more than a million, revealing a wide array of more traditional U.S. intelligence-gathering efforts that the former NSA chief said raise no civil liberties concerns for the American public.
Alexander said that while he has no proof, he still believes Snowden may have been connected to the Russian intelligence service or another U.S. adversary. “Something doesn’t look right to me,” the ex-NSA chief said.
The discussion Wednesday was billed as a preview of the annual Aspen Security Forum, set to take place in Colorado in July.
No comments:
Post a Comment