Last month in my blog post, Executive Briefing with Former DHS Secretary Michael Chertoff, I described an executive breakfast event held by Mandiant in Houston. On February 22nd Mandiant conducted a second executive breakfast in Washington, DC. This time our guest speakers included Mandiant CEO Kevin Mandia and General (retired) Michael Hayden, former director of the National Security Agency (NSA) and former director of the Central Intelligence Agency (CIA). Grady Summers, our new vice president for customer success, joined Kevin and General Hayden during a question and answer session, and I moderated the event. Despite occupying a larger room, we filled every chair, heard compelling presentations, and received many thoughtful comments and questions from our attendees.
In this post I would like to highlight a few points made by General Hayden.
General Hayden put the digital revolution into perspective, arguing that the invention of the Internet and subsequent developments is on par with European contact with the western hemisphere. As was the case in the late 15th century and beyond, history witnessed new modes of thinking, communicating, trading, governing, and other actions not anticipated or really understood by most of the participants. To go even further, General Hayden cited feedback from a speaker at one of his earlier talks who claimed the digital revolution is less like the "discovery" of the "new world" and more like the human invention of language.
General Hayden directly addressed the topic of cyberwar by making distinctions among the following activities, no doubt familiar to some of our readers:
- Computer Network Exploitation (CNE) primarily involves theft of data from a target. General Hayden classified Advanced Persistent Threat (APT) activity as an example.
- Computer Network Attack "sub 1" (i.e., CNA1 ) involves digital actions that have a negative digital effect, such as denial of service, destruction of data, and the like. General Hayden cited Russian attacks against Estonia as an example.
- Computer Network Attack "sub 2" (i.e., CNA2 ) involves digital actions that have a negative physical effect, such as destruction of critical infrastructure. General Hayden cited Stuxnet as an example.
With respect to espionage, General Hayden made it clear that the United States and "English speaking allies" do not spy for profit, unlike most of the rest of the world. This is a clear differentiator between the sorts of offensive cyber actions taken by the United States, and those taken by Russia, China, and others.
General Hayden concluded his remarks with what he termed a "patriotic, flag-waving" thought. He said that as a historian, he often looks for parallels between current and past events. He wondered if, at some point in the distant future ("600-800 years," he said), historians of that era would ask their students the following:
"Do you remember the United States? Oh yes, they would reply. They invented the Internet!"
The Internet would be remembered as the quintessentially American invention, an expression of communication, liberty, and freedom that must be protected from those who seek to transform it for repressive means (as may be happening in the ITU).
I agree to a great extent with General Hayden's thoughts, but I would also think that future historians would remember the United States for, in the words of President John F. Kennedy, landing a man on the Moon and returning him safely to Earth.
Please join us for our next Breakfast event with Michael Chertoff, the former secretary of Homeland Security, in New York, NY on March 15th for more insights and lessons on computing, security, and cyber policy.