Cybersecurity

Keith Alexander Wants to Patent Method For Detecting Cyber Threats -- Is That Ethical?

Army General Keith Alexander, head of the National Security Agency

Army General Keith Alexander, head of the National Security Agency // Isaac Brekken/AP

Keith Alexander is trying to explain himself. The former director of the NSA stoked astonishment when reports surfaced that he would ask from $600,000 to as much as $1 million per month as a cybersecurity consultant. What could make him so valuable, save the highly classified secrets in his head? A congressman went so far as to speculate that he'd be selling state secrets. But it isn't so, Alexander says. In an interview with Foreign Policy, he offers a new accounting:

The answer, Alexander said in an interview Monday, is a new technology, based on a patented and "unique" approach to detecting malicious hackers and cyber-intruders that the retired Army general said he has invented, along with his business partners at IronNet Cybersecurity Inc., the company he co-founded after leaving the government and retiring from military service in March. But the technology is also directly informed by the years of experience Alexander has had tracking hackers, and the insights he gained from classified operations as the director of the NSA, which give him a rare competitive advantage over the many firms competing for a share of the cybersecurity market.

Details on the "unique approach" are thin, but it wouldn't surprise me if Freedom of Information Act requests are already being prepared to send to the U.S. Patent Office:

Alexander said he'll file at least nine patents, and possibly more, for a system to detect so-called advanced persistent threats, or hackers who clandestinely burrow into a computer network in order to steal secrets or damage the network itself. 

As FP notes, these are the sorts of "cyberattacks" that Alexander harped on while in government, claiming they already represented "the greatest transfer of wealth in American history."

Let's mull that over. While responsible for countering cybersecurity threats to America, Alexander presides over what he characterizes as staggering cyber-thefts and hugely worrisome security vulnerabilities. After many years, he retires. And immediately, he has a dramatically better solution to this pressing national-security problem, one he never implemented in government but plans to patent and sell! 

FP's Shane Harris talked to some lawyers and reports:

Alexander is believed to be the first ex-director of the NSA to file patents on technology that's directly related to the job he had in government. He said that he had spoken to lawyers at the NSA, and privately, to ensure that his new patents were "ironclad" and didn't rely on any work that he'd done for the agency—which still holds the intellectual property rights to other technology Alexander invented while he ran the agency.

Alexander is on firm legal ground so long as he can demonstrate that his invention is original and sufficiently distinct from any other patented technologies. Government employees are allowed to retain the patents for technology they invent while working in public service, but only under certain conditions, patent lawyers said. If an NSA employee's job, for instance, is to research and develop new cybersecurity technologies or techniques, then the government would likely retain any patent, because the invention was directly related to the employee's job. However, if the employee invented the technology on his own time and separate from his core duties, he might have a stronger argument to retain the exclusive rights to the patent.

This is an emperor-has-no-clothes moment. We're supposed to believe that Alexander went home and developed much of a million-dollar-per-month cybersecurity technology in his spare time, while doing two different demanding national-security jobs, without using NSA resources or classified information, in a way that was somehow separate from his core duties, which included a cyber-security portfolio?

It beggars belief: 

He was the longest-serving director in the history of the NSA and the first commander of the U.S. Cyber Command, responsible for all cybersecurity personnel—defensive and offensive—in the military and the Defense Department. From those two perches, Alexander had access to the government's most highly classified intelligence about hackers trying to steal U.S. secrets and disable critical infrastructure, such as the electrical power grid. Indeed, he helped to invent new techniques for finding those hackers and filed seven patents on cybersecurity technologies while working for the NSA.

He'd now have us belief that in his spare time he was developing even better techniques than the ones he developed in government. Even if true that would be a scandal! Harris posed the obvious question: "Asked why he didn't share this new approach with the federal government when he was in charge of protecting its most important computer systems, Alexander said the key insight about using behavior models came from one of his business partners, whom he also declined to name, and that it takes an approach that the government hadn't considered. It's these methods that Alexander said he will seek to patent."

So there you go.

Alexander toils in his spare time. The million-dollar idea is almost there ... but not quite. Then, just as he retires, a mystery man comes through with a veritable flux capacitor. How fortuitous!

The business partner, whose name we're not allowed to know, and with whom Alexander was able to collaborate immediately upon leaving his job, but not before, contributed the crucial insight—ostensibly without any assistance from his future business partner, who had access to all the most useful possible classified information—but despite coming up with this ostensibly invaluable intellectual property independently, the mystery man is willing to cut Alexander in for a seven- or eight-figure payday.

As if that weren't enough:

Alexander said they were particularly worried about threats like the Wiper virus, a malicious computer program that targeted the Iranian Oil Ministry in April 2012, erasing files and data. That will come as a supreme irony to many computer security experts, who say that Wiper is a cousin of the notorious Stuxnet virus, which was built by the NSA—while Alexander was in charge—in cooperation with Israeli intelligence.

 The man who both presided over the creation of the most sophisticated cyber-weapon in history and hyped the threat of cyberattacks more than anyone else in America will now patent and privately sell for millions a product to stop cyberattacks. When did the business partnership with the mystery man form, one wonders? The whole story, which could only happen in America, would seem to lend some urgency to Jason Leopold's lawsuit trying to secure Alexander's financial disclosure forms from the NSA, which is refusing to give them up

If the limited facts on offer don't stink enough to prompt a congressional inquiry—ideally one that gets Alexander testifying under oath—what possible fact pattern would rouse the branch of government charged with oversight? At the very best, he is stoking a perception of impropriety so extreme that it speaks poorly of his character that he's chosen to retire in this fashion. If anything more nefarious is going on, hopefully either Congress or the press will be able to expose it. The stakes are certainly high enough to justify digging.

Threatwatch Alert

Data dump / Network intrusion

IDs of all Serbians Exposed in Attack on State Network

See threatwatch report

JOIN THE DISCUSSION

Close [ x ] More from Nextgov
// December 18
X CLOSE Don't show again

Like us on Facebook