The Complex

General Alexander: Civil agencies should lead response to domestic cyber attacks

Army Gen. Keith Alexander, head of U.S. Cyber Command, yesterday said that civilian agencies should have the lead in responding to most cyber attacks on U.S. soil.

"From my perspective the domestic actor would be the FBI," said Alexander, responding to a question from Rep. Joe Heck about the command's role in responding to cyber attacks that originate in the United States. "We share our tools with the FBI. They work through the courts to have the authority to do what they need to do in domestic space to withstand an attack."

Cyber Command and FBI Director Robert Mueller have "come up with a way that he would do inside [the U.S.] and we would do outside," Alexander added, in testimony to a House Armed Services subcommittee.

Alexander went on to point out that DOD, the FBI, and the Department of Homeland Security are hammering out ways to share information on cyber threats extremely quickly -- figuring out where the attack is coming from; determining whether it's a criminal, espionage, or destructive attack; and allowing the appropriate agency to take the lead while receiving support from the others. 

"There may be points and times where you have, you know, significant attacks where we need to change parts of that [civilian-led response structure], but the key thing is to have him [Mueller and the FBI] do inside the country," said Alexander. "He would work with the courts as appropriate to do his portion of the mission. Outside the country, that's where we would operate." (Click here to read about the offensive cyber teams that DOD is standing up to conduct operations outside the United States.) 

It's worth noting that some of the teams that Cyber Command is establishing to "operate and defend" networks will work closely with "DHS and FBI as required," said Alexander.

Still, as Alexander noted, "the Defense Department will do its part to defend the country. It's not going to just defend itself. Our job is to defend the country and the focus would be obviously on critical infrastructure, just as it would be in kinetic and other things."

He elaborated on the key questions that govern the debate as to when the military becomes deeply involved in responding to a cyber incident. 

"The issue becomes, when does an exploit become an attack, and when does an attack become something that we respond to? Those are the policy decisions, and the red lines that go to those will be policy decisions" for the White House, said the four-star. "Our job would be to set up the options that the president and the secretary could to stop [destructive cyber attacks from an outside enemy]. And as you may recall, both the former president and the current president have both said that they would keep the options open in this area. I mean, I think that's reasonable, from using State Department to demarche, all the way over to kinetic options or cyber. So they have that whole range."

Getty Images

The Complex

Here's the readout of the president's cyber summit with CEOs

Around the same time millions of people around the world were waiting for the new pope to appear on the balcony of Saint Peter's Basilica today, U.S. President Barack Obama was talking cyber security with the CEOs of 13 major American corporations.

(It should be noted that most of the businesses are banks, energy firms, transportation companies, defense contractors and communication providers -- businesses that might be classified as critical infrastructure providers.)

The meeting came one day after the U.S. Intelligence Community (IC) released its annual World Wide Threat Assessment -- with cyber warfare at the top of the list, ahead of terrorism and weapons of mass destruction. It also comes a day after the head of U.S. Cyber Command, Army Gen. Keith Alexander unveiled more information about the military's offensive capabilities and warned that a major, destructive cyber attack could cause more damage than the 9/11 terrorist attacks. However, when unveiling the IC's threat assessment, Director of National Intelligence James Clapper played down the risk of a catastrophic cyber attack, calling it "remote."

Anyway, here's the White House's readout of the president's meeting to discuss cyber with CEOs. Enjoy.

This afternoon, a group of CEOs met in the Situation Room with senior White House and NSC officials to discuss cybersecurity and the threat it poses to our economy and our security. The President joined this meeting to demonstrate the importance he and his Administration place on the issue of cybersecurity.  Today's meeting was part of the Administration's ongoing dialogue with the private sector on cybersecurity.  

The President and the CEOs discussed the increasing cyber threats to our critical infrastructure and our economy. They discussed the efforts the U.S. Government is taking to address these threats, including diplomatic engagement and the President's recently signed Executive Order. The President and the CEOs discussed how the government and private sector can build on our cooperation to improve the nation's cybersecurity.  And finally, they discussed the need for cybersecurity legislation to enable government and industry to more effectively address these cyber threats.

The following CEOs attended:

  • Nicholas Akins, President and CEO, American Electric Power Company, Inc.
  • Ursula Burns, Chairman and Chief Executive Officer, Xerox Corporation
  • Wes Bush, Northrop Grumman Corporation
  • Clarence Cazalot, Chairman, President and CEO, Marathon Oil Corporation
  • David Cote, Chairman and CEO, Honeywell International, Inc.
  • Scott Davis, Chairman and CEO, United Parcel Service, Inc.
  • James Dimon, Chairman and CEO, JP Morgan Chase & Co.
  • David Melcher, CEO and President, ITT Exelis
  • Brian Moynihan, President and CEO, Bank of America Corporation
  • Eric Spiegel, President and CEO, Siemens Corporation
  • Randall Stephenson, Chairman and CEO, AT&T Inc.
  • Rex Tillerson, Chairman and CEO, Exxon Mobil
  • Maggie Wilderotter, Chairman and CEO, Frontier Communications

Getty Images