Why a former NSA chief just made a big mistake by dissing hackers

By Andrea Peterson, Published: August 7 at 2:58 pmE-mail the writer

Former NSA Director and air quotes user General Michael Hayden. (Mark Wilson/Getty Images)

Former NSA and CIA chief Gen. Michael Hayden speculated on Tuesday that hackers and transparency groups would turn to cyberterror attacks if the United States captured NSA leaker Edward Snowden. He went on to dismiss Snowden supporters as “nihilists, anarchists, activists, Lulzsec, Anonymous, twenty-somethings who haven’t talked to the opposite sex in five or six years.”
That probably wasn’t the smartest thing to say because the government desperately needs hackers. And usually, when you desperately need someone, implying that they’re sex-starved, basement-dwelling, would-be terrorists isn’t a good idea.
The administration considers cybersecurity “one of the most serious economic and national security challenges we face as a nation.” Last year Defense Secretary Leon Panetta warned of a “cyber-pearl harbor” and this spring the Pentagon announced it would be increasing its cybersecurity force fivefold. But the administration has a problem: Throughout the federal government there is a lack of cybersecurity expertise.
And who has the skills to help with that? Hackers.
That’s why the NSA and other intelligence agencies have actively courted them as a source of specialized cybersecurity talent. And they had some success, like recruiting celeb hacker and security researcher Peiter “Mudge” Zatko to manage a DARPA initiative partnering with hackers to do security research from 2010 through April 2013.

Just last year, NSA Director and head of U.S. Cyber Command General Keith B. Alexander gave the keynote speech at hacker conference Def Con. Alexander argued that the government and the hackers shared responsibility for U.S. cybersecurity and stressed that “this community better than anyone” understood the cybersecurity threats facing the nation and how to mitigate them.
Alexander also said the United States didn’t keep “dossiers” on American citizens — which eventually became the basis of National Intelligence Director James Clapper’s infamously “erroneous” claim in a Senate hearing that the United States did not collect any type of data at all on millions or hundreds of millions of U.S. citizens (something the leaked Verizon order proved inaccurate).
This along with other revelations in the NSA leaks left the hacker community feeling betrayed and misled by the government. Def Con even went as far as to tell federal government attendees to stay home this year.
Even when speaking at the Black Hat conference this year, which is aimed more toward the government and contractor security crowd, Alexander was interrupted with shouts of “bulls–t.”
And Hayden’s comments only alienate hackers even more. Nick Levay, a security professional who came of age in the hacking community and is now the Chief Security Officer at cybersecurity company Bit9 (and full disclosure: a former colleague of this reporter) was angered by Hayden’s comments, which he called “deliberately provocative.”
“If the bureaucrats in Washington could get the core principles that protect the privacy of Americans distilled out of the secret FISA court opinions, and presented in a bill that makes its way through our increasingly ineffective Congress, maybe we wouldn’t have a problem with our youth becoming so nihilistic and distrusting of government,” Levay argued, adding, ”[m]aybe then, when Hayden’s successor, General Alexander, is speaking to the community he himself calls ‘the technical foundation of our world’s communications’, he wouldn’t find himself heckled by people who believe they are being lied to.”
Since Hayden’s out of the government now, he won’t have to deal with the direct fallout from his comments. But current government cybersecurity efforts will.