National Security Agency Director General Keith B. Alexander addressed the attendees of the Defcon hacker conference in Las Vegas on Friday and asked for their help to secure cyber space.
"This is the world's best cyber security community," said Gen. Alexander, who also heads the U.S. Cyber Command. "In this room right here is the talent our nation needs to secure cyber space."
[ Also on InfoWorld: Hackers hog the limelight at Black Hat 2012. | Security expert Roger A. Grimes offers a guided tour of the latest threats and explains what you can do to stop them in "Fight Today's Malware," InfoWorld's Shop Talk video. | Keep up with key security issues with InfoWorld's Security Adviser blog and Security Central newsletter. ]
Hackers can and must be part, together with the government and the private industry, of a collaborative approach to secure cyber space, he said.
Hackers can help educate other people who don't understand cyber security as well as they do, the NSA chief said. "You know that we can protect networks and have civil liberties and privacy; and you can help us get there."
Gen. Alexander congratulated the organizers of Defcon Kids, an event dedicated to teaching kids how to be white-hat hackers, and described the initiative as superb. He called 11-year-old Defcon Kids co-founder CyFi to the stage and said that training young people like her in cyber security is what the U.S. needs.
The NSA director stressed the need for better information sharing between the private industry and the government and noted that the Congress is currently debating legislation to address this.
NSA's and U.S. cyber Command's roles are to protect the nation from cyber attacks and foreign intelligence, Gen. Alexander said. The issue is that if you don't see a cyber attack you can't defend against it and at the moment, the NSA has no insight if Wall Street is going to be attacked, for example, he said.
Gen. Alexander pointed out that if the industry could share some limited pieces of information from their intrusion detection systems in real time, the NSA could take it from there.
The next step from information sharing is jointly developing standards that would help secure critical infrastructure and other sensitive networks, he said.
He encouraged hackers to get involved in the process. "We can sit on the sidelines and let others who don't understand this space tell us what they're going to do, or we can help by educating and informing them" of the best ways to go forward.
"That's the real reason why I came here. To solicit your support," he said. "You have the talent. You have the expertise."
At the Aspen Security Forum conference on Thursday, Gen. Alexander revealed that there's been a 17-fold increase in cyber attacks against U.S. infrastructure between 2009 and 2011, the New York Times reported.
The hacker community has built many of the tools that are needed to protect cyber space and should continue to build even better ones, he said during his keynote at Defcon. He gave the example of Metasploit and other penetration testing tools.
"Sometimes you guys get a bad rap," he said. "From my perspective, what you're doing to figure out vulnerabilities in our systems is great. We have to discover and fix those. You guys hold the line," he said.
Gen. Alexander's presence at Defcon was a rare event. Before introducing him to the stage, Defcon founder Jeff Moss, who is the chief security officer of ICANN and a member of the U.S. Homeland Security Advisory Council, revealed that he has tried for the past 20 years to get a high-ranking NSA official to speak at the conference.
"Like magic, on our 20th anniversary and NSA's 60th anniversary it's all come together," Moss said. "For me it's really eye-opening to see the world from their [NSA's] view."