We noticed you're browsing in private or incognito mode.

To continue reading this article, please exit incognito mode or log in.

Not an Insider? Subscribe now for unlimited access to online articles.

Intelligent Machines

NSA Boss Wants More Control Over the Net

The Internet should be adapted to allow for oversight by the National Security Agency, the organization’s boss says.

The U.S. Internet’s infrastructure needs to be redesigned to allow the NSA to know instantly when overseas hackers might be attacking public or private infrastructure and computer networks, the agency’s leader, General Keith Alexander, said today.

Alexander spoke at the annual Def Con computer hacking conference in Las Vegas. It was a symbolic appearance that he said was motivated by a need to interest the hacker community in helping to make the Internet more secure.

Alexander, who is also commander of the U.S. Cyber Command, described the Internet as “at great risk from exploitation, disruption, and destruction.”

In recent years, many Internet users have become familiar with the idea that websites can be knocked offline by denial of service attacks, such as those employed by online activist groups such as Anonymous. “My concern is that it’s going to flow into destructive attacks that could have consequences for our critical national infrastructure and the Internet itself,” said Alexander.

The decentralized nature of the Internet, and the fact that the global network is built from a thicket of independent public and private networks, is limiting efforts to protect against such attacks, said Alexander, because it doesn’t allow the NSA or law enforcement to easily track Internet activity. “We do not sit around our country and look in; we have no idea if Wall Street is about to be attacked,” he said.

The NSA is already running a trial with 17 U.S. defense companies intended to demonstrate technology that could be deployed to change that. Under the Defense Industrial Base (DIB) Cyber Pilot, Lockheed Martin and other companies set up their computer security systems to automatically alert the agency when the alarm is tripped. They automatically pass a summary of what was detected and the IP address associated with the event to the NSA over the Internet. “All you need to pass is the fact of a signature and IP address in real time, and we can take it from there,” said Alexander.

Alexander suggested that the NSA should be given a wider checkpoint role across the Internet to protect core infrastructure and all vital systems connected to it, drawing an analogy with an automatic road toll system. “What we need for cybersecurity is something analogous to that,” he said. “Think of us as the EZ Pass on the highway.”

Alexander dismissed possible concerns about giving the NSA too much oversight into how the Internet is being used: “When you go down the highway, and you go down the EZ Pass lane, what you’re doing is sending that code. That system is not looking in your car, reading the e-mail, or intercepting anything, it’s just getting that code.”

Alexander also suggested rolling back the decentralization of computer networks by saying that “thin client” computing should be considered by large organizations. Long out of fashion, the thin client approach gives individual users relatively simple computers that access computing resources that are controlled centrally. That could help large organizations such as the U.S. Department of Defense, which currently has some 15,000 separately configured and operated sections of its network, said Alexander, offering too many potential areas of attack.

Speaking about the fact that some Def Con attendees are leery of the NSA interest in their event, a hacker known as Dead Addict, who has helped organize the Def Con event since the first conference 20 years ago, said he was pleased that Alexander wanted to engage with the hacker community. “Many of us fear their surveillance and offensive capabilities, but many of us share an interest in that [offense] as well,” he said. He pointed out that the activities of all hackers at Def Con rely on the Internet to be resilient and trustworthy. “Our interests overlap.”

Alexander claimed that taking such steps could also be lucrative for the U.S., and foster new areas of business. “This could help us with our economic growth. Look at what fuels our economy,” he said. “We’re the ones that helped develop, and helped build the Internet; we ought to be the first to secure it.”

AI is here.
Own what happens next at EmTech Digital 2019.

Register now
More from Intelligent Machines

Artificial intelligence and robots are transforming how we work and live.

Want more award-winning journalism? Subscribe to Insider Plus.
  • Insider Plus {! insider.prices.plus !}*

    {! insider.display.menuOptionsLabel !}

    Everything included in Insider Basic, plus the digital magazine, extensive archive, ad-free web experience, and discounts to partner offerings and MIT Technology Review events.

    See details+

    Print + Digital Magazine (6 bi-monthly issues)

    Unlimited online access including all articles, multimedia, and more

    The Download newsletter with top tech stories delivered daily to your inbox

    Technology Review PDF magazine archive, including articles, images, and covers dating back to 1899

    10% Discount to MIT Technology Review events and MIT Press

    Ad-free website experience

You've read of three free articles this month. for unlimited online access. You've read of three free articles this month. for unlimited online access. This is your last free article this month. for unlimited online access. You've read all your free articles this month. for unlimited online access. You've read of three free articles this month. for more, or for unlimited online access. for two more free articles, or for unlimited online access.