The head of the U.S. Cyber Command, Four-Star General Keith Alexander, told an audience of skeptical and sometimes hostile security experts and hackers that they should have faith that the U.S. National Security Agency (NSA) isn’t abusing its access to cell phone meta data and other online communications in its pursuit of terrorists who “live among us.”
Speaking before a packed audience that included some of the country’s top computer security and privacy experts, Alexander spoke in measured tones about PRISM, the omnibus data collection program that was exposed in documents leaked by a former Booz Allen Hamilton contractor, Edward Snowden, saying that it had directly led to the disruption of 53 of 54 discrete “terrorist related activities” in the U.S., Europe, Asia and Africa since the September 11, 2001 terrorist attacks on New York and Washington, D.C.
Adopting images and a tone common in the years immediately following 9/11, but less common today, Alexander recounted the various terrorist attacks on the U.S. and U.S. interests, starting with the first World Trade Center bombing in 1993. He painted a picture of the U.S. as a vulnerable and victimized nation inhabited by unknown terrorists who “use our communications and live among us.”
Likening PRISM and related programs to “lawful intercept” programs used by many nations, including U.S. allies,” Alexander said that the difference in the U.S. is more – not less – oversight and compliance. PRISM and other programs are closely monitored by “the courts, Congress and the Administration,” Alexander argued, taking issue with reporting on PRISM in the wake of the Snowden leaks.
“That part is missing in discussion, but its important for you to hear that -for you to understand what these people have to do their job,” he said, speaking of the NSA employees who run PRISM. He went on to paint NSA employees as silent and nameless soldiers in the Global War on Terror, noting that more than 6,000 NSA employees had served in the wars in Iraq and Afghanistan, and that 20 of them had died in action. “They died to make sure troops had the intelligence they needed,” Alexander said. “That is a noble purpose.”
In general, Alexander received a warm response from Black Hat attendees who, despite the show’s bad boy image, are overwhelmingly IT security professionals working in the private sector or the government. But the U.S. military’s top cyber warrior also faced criticism and some heckling from the crowd. One statement was greeted, flatly, with a cry of “bulls**t” from an audience member. Another interrupted the speech to charge Alexander with lying to Congress. “Why should we believe that you wouldn’t lie to us?” he asked, prompting a flat denial from Alexander. “I did not lie to Congress.”
Alexander went out of his way to connect the dots between the NSA’s surveillance program (which he referred to using official designations such as the FISA Amendments Act (or FAA) Section 702 and the Patriot Act Section 215) and actual terror plots that had been interrupted using data gathered under the program. One of the most specific examples was the case of would-be New York City subway bombers Najibullah Zazi and Adis Medunjanin – a case that began with data collected under the PRISM program, Alexander said.