After WannaCry, ex-NSA director defends agencies holding exploits

There’s not much more topical than cyber security right now. And who better to talk about it than former director of the NSA and ex-chief of the Central Security Service, General Keith Alexander?

On stage here at TechCrunch Disrupt New York, Alexander discussed the WannaCry(pt) ransomware that disrupted systems in multiple countries on Friday — and was only stopped by accident after a security researcher registered a web domain that had been hard-coded into it as a kill switch.

Alexander warned there would be more such attacks this year, and urged industry to work with government to try to defend against global cyber threats.

“I think this is just one of many that we’re going to see,” he said. “Many people said this is the year of ransomware.”

Alexander was asked how much responsibility the NSA bears for the WannaCrypt virus — given reports have indicated the virus utilizes an exploit that was stolen from the NSA.

Yesterday Microsoft also explicitly called out government agencies for undermining global cyber security by stockpiling exploits.

“The NSA didn’t use the WannaCry, criminals did — someone stole it,” he shot back on that.

“This WannaCry starts to split [government agencies and industry] apart but our nation needs industry and government to work together,” he added.

He also implicitly defended the NSA’s use of exploits — saying the agency needs “capabilities” to allow it to know what adversaries are doing, and should not be required to release all the exploits it finds.

“We’ve got to have tools,” he said. “[NSA] don’t hoard exploits; they release 90+ percent of what they get but to go after a terrorist you need an exploit.”

Alexander’s big pitch was for government and industry to work together to try to de-risk these intelligence agency “tools” — i.e. to patch up and firefight critical scenarios whereby an intelligence agency exploit has been leaked and is in the hands of cyber criminals.

“The fact that Microsoft actually put a patch out in March — how do you make sure that those things go out? And is there a way that government and industry can work together so that those things are done seamlessly,” he suggested. “And the answer’s yes. And should we do that? Yes.”

Alexander also discussed his views on Trump’s executive order on cyber security, and the ongoing reform of Section 702 of FISA.

You can watch the full interview in the video below.