Keith Alexander to Earn $600,000 a Month for Preventing DDoS Attacks

When Politico reported that Keith Alexander was shacking up with shadow regulator Promontory Financial Group to profit off his cyber fear-mongering, I knew he’d be raking in the bucks.

Bloomberg provides more details on how much: his asking price starts at $1M a month, from which he negotiates down to a mere $600,000.

Alexander, 62, said in the interview he was invited to give a talk to the Securities Industry and Financial Markets Association, known as Sifma, shortly after leaving the NSA and starting his firm, IronNet Cybersecurity Inc. He has met with other finance groups including the Consumer Bankers Association, the Financial Services Roundtable and The Clearing House.

At the sessions, Alexander discussed destructive computer programs such as Wiper, which the U.S. government said was notable because attacks using it appeared to originate from North Korea and Iran. “I told them I did think they could defend against that,” Alexander said.

Still, despite the banks’ growing investments in computer security, Alexander said, “many of them aren’t really confident they’re getting their money’s worth.”

[snip]

Sifma Meeting

Alexander offered to provide advice to Sifma for $1 million a month, according to two people briefed on the talks. The asking price later dropped to $600,000, the people said, speaking on condition of anonymity because the negotiation was private.

Alexander declined to comment on the details, except to say that his firm will have contracts “in the near future.”

The article talks in terms of the DDoS attacks launched against US bank websites last year, as well as Wiper, which is allegedly tied to the Stuxnet family (and therefore is something with which Alexander ought to be intimately familiar).

What he doesn’t seem to be promising he can fix are things like the recent hack of a hedge fund’s High Frequency Trading algorithms (which I am simply failing not to laugh hysterically at … sorry, hedgies).

No wonder the banks doubt they’re getting their money’s worth.

It’s hard to read this as anything but a scam. Not only has Alexander spent the last year talking up the risk of cyberattacks, not only has he had access to whatever bank secrets haven’t been encrypted for the last 8 years, plus the double dipping in SWIFT databases. But he also knows what holes NSA hasn’t fixed.

Ultimately, though, this all serves to obscure the fact that these banks are rickety all by themselves, with or without a hacker’s help (which is one reason I’m laughing at that HFT hack). There’s only so much you can do to harden that target, and the banks won’t do it.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including Vice, Motherboard, the Nation, the Atlantic, Al Jazeera, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse in Grand Rapids, MI.

12 replies
  1. TomVet says:

    I’m not sure Alexander personally has all the nitty gritty tech chops. He would be valuable for his contacts, both in the tech world and government. But I’m certain he knows plenty of very able coders who are displeased with their current employment at his previous post who would jump ship in a heartbleed for the kind of $$$ he can offer them now.

    By the way, isn’t there some sort of clause that prohibits gov employees from transitioning into this so rapidly? There should be.

  2. earlofhuntingdon says:

    A tad more than chump change. I’ll bet you could hire Edward Snowden for half that, and he’d have more practical experience, if not the lobbying clout.

    This has the appearance of eye candy, not substantive improvement. It’s an AIG/Madoff insurance promo, like putting up a sign for a famous security company outside your home, but not signing up for the service. As you say, it’s no good armouring the door if you can poke a stick through the wall.

  3. P J Evans says:

    Maybe the people who own Ancestry.com and its associated sites should hire him. They’ve been having trouble since Sunday with a massive DDoS attack.

  4. C says:

    He isn’t expected to do anything himself. You hire someone like him because they know whom to call to get what you want done done. His internal NSA rolodex and Capitol Hill clout are what they pay for, not his ability to do a damn thing.

  5. Ben Franklin says:

    I find it reasonable to enact a moratorium on Policy wankers whether elected or appointed, of up to two years, so the revolving door doesn’t hit us in the arse.

  6. Jerryy says:

    “…anything but a scam” is putting it gently.

    Stopping DDoS attacks is something the best minds in the IT industry have been working on since this method of attacking was invented, and the best anyone has come up with are expensive stopgaps such as:

    http://www.techrepublic.com/blog/it-security/ddos-attack-methods-and-how-to-prevent-or-mitigate-them/

    The world awaits KA’s magic wand counter approach with bated breath.

    ps are banker bailout funds gonna pay for this?

    • RUKidding says:

      Vis banker bail out funds: I think those were skimmed up by the Bankster 1%ers a long long time ago, and we’ll never ever see that money again. I hear-tell that the 1% now all own super gargantuan yachts & Old Masters paintings and stuff. Now get back to work you lazy scum slacker!

  7. RUKidding says:

    I won’t hold my breath waiting to see if Alexander’s vast great network of IT BFFs can actually fix or improve anything. As far as I can see, the NSA has a pretty lousy record in fixing things or really making us “secure” from some kind of cyber attack. Seems to me (I could surely be wrong) that a lotta money was siphoned off at the top to go into 1% pockets. Then the rest seems to be spent on IT nerds figuring out how to spy on US citizens for fun & oppression.

    Where’s the record of how NSA supposedly kept us more “secure” from anything? Oh yeah, right: it’s “top secret.” nyah nyah

    Of course, Alexander went through the revolving door, despite his massive expenditures on useless idiocies like a very expensive Star Trek Bridge office that was deemed “necessary” (what a putz. is this guy like a juvenile?). He’s got contacts. Maybe he can get some others out of nasty scrapes or help them avoid following laws with no repercussions. Isn’t that more to the point?

    DDoS? Does Alexander even know what that is? Does he even give a hoot?

    • jo6pac says:

      Yes, like that’s a nice little bank you have there, you wouldn’t want anything to happen to it, would you? Then banksters hand over the envelopes with unmarked $100.00, takes me back to the old days of tricky dick.

      Thanks for covering this.

  8. orionATL says:

    jesus! what kind of walking moral trash heap would leave a high-level military job like alexander had and sell himself to corporations for $600k a lay.

    general keith could have decided to educate the public and corporations for costs; he decided instead to go for their gold.

    this says a lot about the man who recently commented publicly with regard to criticism of his spying program that “our society seems to be drifting”.

    a con artist of a natsec bureaucrat has transmogrified himself into a con artist of a corporate advisor, and why not? corporate officials are as foolish, group-think oriented, and stampedable as congress slouches.

    next up: general keith as a republican candidate for congress. after all, name recognition is all that counts in contemporary american politics.
