This year in July gen. Keith Alexander, director of the National Security Agency and head of the US Cyber Command participated at DefCon, the hackers conference in Las Vegas.
In his address, gen. Alexander said, among other things, “This is the world’s best cybersecurity community. In this room right here is the talent our nation needs to secure cyberspace.” And he further asked the hackers to help educate the US Congress.
As someone, who is regularly meeting the top Russian cyber folks, I already know (unofficially, of course) how the words of gen. Alexander were met in Moscow. And you can judge about the official Russian reaction on your own, if you read this or this article, published in the Russian media.
But as someone, who lives in Washington, I can also imagine what the reaction in the US will be, if a speech like this happens to be announced by a Russian general, say, in St. Petersburg. A headline like “Putin’s general summons hackers to help Mother Russia” seems possible.
Of course, one may argue, that perhaps some Russian general has already spoken to the Russian hackers, but this would never be made public, because “press in Russia is not free”, but I won’t agree with this. I won’t speak for the press, but the Internet in Russia today is pretty open and publishes a lot of news, which cannot make the mainstream media – same like in the US, or Bulgaria, or wherever. If there has been such a meeting, it hardly would be kept secret.
In the aftermath of DefCon, there are some good lessons for all.
Asking hackers to help defend their own country is not necessarily bad – certainly, it’s sounds much better than asking them to help attack another country.
Such a dialogue could have started earlier, not in 2012, and nobody knows if it will continue. But if it will, it should be out, in the open, for all to see.
In the same public way the USA should be talking to foreign governments on cyber – with understanding of the cross-cultural differences, but also making sure everyone is aware that securing cyberspace is in the interest of all countries and citizens, and is a task for everyone – governments, businesses, civil society. This dialog has started many years ago, but there’s not enough progress.
It is high time for a breakthrough.
The author was chairman of the Bulgarian President’s IT Advisory Committee (2002-2012), and host of the first international South Eastern Europe Conference on Cyber Security Cooperation. The views, expressed in this article are his personal ones, and do not reflect views of any of the organizations the author is affiliated or working with.