* Keith Alexander heads both NSA and Cyber Command
* Credited with raising awareness on cyber threats
* Expansion plans worry civilian agencies, privacy advocates
By Andrea Shalal-Esa
WASHINGTON, May 26 Depending on your point of
view, U.S. General Keith Alexander is either an Army four-star
trying to stave off a cyber Pearl Harbor attack, or he is an
overreaching spy chief who wants to eavesdrop on the private
emails of every American.
Alexander, 61, has headed the National Security Agency since
2005, making him the longest-serving chief in the history of an
intelligence unit so secretive that it was dubbed "No Such
Agency." Alexander also runs U.S. Cyber Command, which he helped
to create in 2010 to oversee the country's offensive and
defensive operations in cyberspace.
The dual role means Alexander has more knowledge about cyber
threats than any other U.S. official, since the NSA already
protects the most sensitive U.S. data, extracts intelligence
from foreign networks and uses wiretaps to track terrorists. But
it also puts the general at the center of an intense debate over
how much power the government should have to spy on private
citizens in the name of protecting national security.
"He's lasted as long as he has because he's focused and he's
persistent. I've never heard him yell," said retired four-star
general Michael Hayden, who was Alexander's predecessor at the
NSA. "He doesn't spread himself too thin. He decides what's
important and puts his personal energy into those things."
Raised near Syracuse, New York, Alexander graduated from
West Point, the Army's elite training academy, in 1974. He had
planned to serve in the military for just five years but got
hooked on the work when he served in Germany as an intelligence
officer, monitoring what he described as "sensitive issues on
the border of East Germany and Czechoslovakia."
After Germany, Alexander held a series of increasingly
senior intelligence jobs and spent the first Gulf war as a
senior Army intelligence officer in Saudi Arabia. During this
time, he also earned four master's degrees, in electronic
warfare, physics, business and national security studies.
In 2005, after two years as the Army's top intelligence
officer, Alexander was tapped to replace Hayden at the helm of
the NSA, where he continued to run a warrantless surveillance
program initiated after the Sept. 11, 2001 hijacking attacks.
The program, which bypassed a federal court that authorizes
domestic wiretapping, was first revealed late in 2005, sparking
lawsuits, congressional hearings, leak investigations and a
furor that still dogs the agency - and Alexander - today.
Against this backdrop, his push to expand the NSA's role in
domestic cybersecurity has drawn criticism from privacy
advocates, and sometimes put Alexander at odds with the White
House and the Department of Homeland Security, according to
current and former officials.
Alexander had wanted the NSA to control a government
security program to aid non-military companies against cyber
threats, but others at DHS insisted - and ultimately prevailed -
on civilian control of the project, these officials said.
Jane Holl Lute, who stepped down this month as No. 2 at DHS,
said she has had intense conversations with Alexander about the
roles of their two agencies in improving cyber security. She
declined to detail any differences of opinion, but said they
were all judgment calls and she respected the general.
"He pushed up his hill, and I pushed up mine, and what we
came to was essentially two sides of the same hill," Lute said.
"We didn't always call balls and strikes the same way. That
does not mean he wasn't trying to get it right," she said. "I
would challenge anyone who would question his integrity."
HEADING FOR RETIREMENT
Alexander, who told Reuters he plans to retire in the first
half of 2014, has presided over one of the busiest times in the
NSA's 61-year history, from tracking the cellphone calls that
helped capture Osama bin Laden to drawing national attention to
cybersecurity. He played a key role in shaping a series of
recent cyber policy orders from the Obama administration.
More controversial has been the NSA's construction of a $2
billion data center in Utah, which has fanned concerns about the
agency's expansive eavesdropping capabilities.
NSA whistleblower William Binney, a former senior
crypto-mathematician, last year accused the agency of building
the Utah facility to collect data on virtually every American,
including private emails, cellphone calls and Google searches.
Alexander told the Reuters Cybersecurity Summit that such
claims about the Utah project are completely false. He rattled
off a long list of agencies that oversee the NSA's work,
including the Justice Department, White House and Congress.
"Either all of them are complicit in us doing this or the
allegations are absolute baloney. It's the latter," he said.
According to Alexander, the NSA has its hands full keeping
tabs on potential terrorists, and does not have the bandwidth to
read the 420 billion emails generated by Americans each day -
even though some foreign governments were trying to do that.
"The great irony is we're the only ones not spying on the
American people," he quipped.
Alexander has tried to make the NSA appear more transparent,
crisscrossing the country to talk about cyber issues. He likes
to pepper his speeches with jokes, once blaming his late arrival
at a Washington event on a distributed denial of service hacking
attack on city street lights.
A gadget lover, Alexander is known to roll up his sleeves to
become versant with the latest security technologies. On one
flight, he and his aide-de-camp learned "BackTrack," a
Linux-based product that helps people test their network
security. Aides say the general often scores over 1 million
points on the "Bejeweled Blitz" online puzzle game.
Alexander's biggest strength is his ability to reach out to
a wide range of audiences, said Shawn Henry, former FBI
executive assistant director. He cites a speech Alexander gave
at the Defcon hackers conference last year, an appearance that
would have been unheard of a few years ago.
"Here's a guy who is seen as a symbol of oppressive
government ... and he stands up in front of a thousand people,
many of whom probably have hacked networks over the years," said
Henry, recalling that Alexander had ditched his decorated
uniform for jeans and a black T-shirt. "He is just trying to
connect, talking about coordination, collaboration."
Alexander has asked the Pentagon to give Cyber Command the
same elevated status as other major military commands, but it is
not yet clear if that request will be granted.
Ira Winkler, president of the Information Systems Security
Association, said Alexander's leadership of both NSA and Cyber
Command is an advantage but also a complication.
"He's stuck in a bad position. He basically has to defend
U.S. cyberspace which requires securing commercial websites and
infrastructure, but no one wants him to have access to those
networks, since he's also in charge of NSA," Winkler said.
Alexander said he feels strongly that whoever succeeds him
should continue to wear the two hats, but not everyone agrees.
"How much can you consolidate before it gets so huge that
one person can't manage it," said Harry Raduege, a retired Air
Force general and former director of the Defense Information
Systems Agency, which oversees military IT systems. "It's an
awful lot for somebody at the top of those organizations to deal
Still, Raduege, now with Deloitte, said he expects the
Pentagon to elevate Cyber Command to a full unified command
before the general's retirement next year.
"There's no one in a better position to know the depth,
magnitude and broad-based nature of today's increasing and
evolving cyber threats," said Raduege. "When Keith Alexander
talks about cyber attacks, we should all listen."