Alan Grayson: Is Keith Alexander Selling Classified Information to the Banks?

I’ve been tracking Keith Alexander’s utterly predictable new gig, getting rich off of having drummed up cybersecurity concerns for the last several years, while at the same time shacking up with the most dubious of shadow bank regulators, Promontory Financial Group.

Apparently, I’m not the only one. Alan Grayson just sent some of the entities that Alexander has been drumming up business with — the Security Industries and Financial Markets Association, Consumer Bankers Association, and Financial Services Roundtable — a letter asking how the former NSA Director can be making a reported $600,000 a month. He cites Bruce Schneier wondering whether part of the deal is that Alexander will share classified information he learned while at NSA.

Security expert Bruce Schneier noted that this fee for Alexander’s services is on its face unreasonable. “Think of how much actual security they could buy with that $600K a month.Unless he’s giving them classified information.” Schneier also quoted, which headlined this news as: “For another million, I’ll show you the back door we put in your router.”


Disclosing or misusing classified information for profit is, as Mr. Alexander well knows, a felony. I question how Mr. Alexander can provide any of the services he is offering unless he discloses or misuses classified information, including extremely sensitive sources and methods. Without the classified information that he acquired in his former position, he literally would have nothing to offer to you.

Please send me all information related to your negotiations with Mr. Alexander, so that Congress can verify whether or not he is selling military and cybersecurity secrets to the financial services industry for personal gain.

Alexander is just the latest of a long line of people who profit directly off driving up the cybersecurity threat. But — as notes — he’s also got the kind of inside information that could be particularly valuable.

As the Intelligence Industrial Complex and the Banking industry hop into bed together, there ought to be some transparency about just what kind of deals are being made. There’s simply too much immunity handed out to this community to let boondoggles like Alexander’s slide.

The intelligence community is subjecting every low level clearance holder to intense scrutiny right now. But thus far, there has not been a peep from those quarters that the former DIRNSA could command these fees for the expertise gained while overseeing the nation’s secrets.

12 replies
  1. Joanne Leon says:

    Alexander was hell bent on getting specific cybersecurity law through Congress that would create a public-private cybersecurity/intelligence sharing arrangement. Snowden threw a monkey wrench into that. Have to wonder if the law would be retroactive, for things they’re already doing at NSA. It wouldn’t be the first time.

    • emptywheel says:

      DiFi just introduced her version of it. So it’s in the works. Will probably help Mike Rogers cash in, too.

    • CTuttle says:

      that would create a public-private cybersecurity/intelligence sharing arrangement.

      Even here in the last Union-based liberal bastion, we’re fighting the Unions to stop promoting/endorsing the insidious ‘Public-Private Partnerships’ that are selling off our Public Lands and Resources for Private Profit(and for mere peanuts)…! Legacy gifts from Sen. Inouye’s toxic Kingpin apparatchik…! 8-(

  2. solbus says:

    Yet one more reason why we need a substantial cooling off period between exiting government intelligence employment and joining private-anything-sensitive. For a minimum five years. And langer, particularly in regards to foreign states.

  3. George Capehart says:

    Lets see . . . /*twice*/ during Alexander’s reign, people were able to poke around all the dark corners of NSA-maintained “secure” networks, and neither time did anyone have a clue that anything had happened until Manning’s videos and cables showed up on Wikileaks and Snowdens documents showed up on The Guardian and the Washington Post. And /*this*/ is the person you want to tell you how to run your information security practices?

    Pogo is still right.

    • Joanne Leon says:

      That’s a fantastic point. With all the security breaches, surely nobody would hire NSA or DoD cybersecurity people for *defensive* measures for the private sector. Hell, our own govt admits that China, et al, hacks our DoD network regularly. NSA admitted they had no idea what Snowden even took.

      But *defense* doesn’t seem to be their main focus or their specialty, based on what we’ve seen from the Snowden files. From the slides we’ve seen, they seem to be over the top psyched about what they can do on offense.

      Personally, and I’m not saying this is what Alexander is doing, but I have always thought that the two most obvious things that corrupt people would do with the kind of data that NSA & GCHQ captures and analyzes is use it for money and power. I mean, that’s the first thing that everyone thought of when they heard about the scope of this global surveillance, right?

      What would you do if you had access to those kinds of tools? Well, you’d rig markets and get as much insider info as possible. Rigging markets is a favorite pastime of financial elites already, as we know. Some special markets and indicators are managed by a relative few people and some of the rigging has been exposed and presumably stopped, removing a major advantage.

      And you’d use it to influence or manipulate candidates and elections to make sure you always had cronies in high places, perhaps all over the world.

      Lastly you’d use it to your advantage with respect to your competition and your enemies and your critics.

      Wall Street already knows how to get in touch with the hacker community, how to buy them and hire them. They didn’t need any help with that. But they don’t have a massive network of satellites, tapped undersea cables, tapped internet backbone, tapped mobile networks and massive data centers that can scan, convert and analyze huge amounts of voice and text traffic. And they can’t do that kind of thing while wearing a govt badge.

      • Burythehatchet says:

        Thank you for a clear articulation of the same logic path that I too have followed.

        There is something so visceral and abominable about a person such as Keith Alexander who becomes so corrupted with power. The question remains, does President Obama have the courage to actually apply the force of DOJ to investigate this matter?

  4. George Capehart says:

    P.S. I was the technical program manager for the second online banking application in the later ’90s. Our security was light-years ahead of that on JWICS and NSA Net.

    • Joanne Leon says:

      I have similar work experience in that field, same time frame. Next door to us was a group of employees different than all others in the firm — the hacker department. Firm hired a couple dozen hackers and their only job was to try to break into the firm’s systems. All day. Every day. Not contractors. Permanent hires. I’m guessing that dept. has grown quite a bit.

  5. RUKidding says:

    “The question remains, does President Obama have the courage to actually apply the force of DOJ to investigate this matter?”

    That’s a joke, right? No offense intended. IMO Obama’s just part & parcel of the whole shebang & is run by Deep State.

    Thanks for the updates on the nefarious crook, Keith Alexander. He’s an ill wind that bodes no good, and it’s utterly unsurprising what he’s doing now.

    Joanne Leon sums up nicely what the current state of affairs is most likely to be. Of course, all that data can ALSO be used against the rabble should we dare to somehow manage to “rise up,” as we saw so clearly with the Occupy movement. But the main goal of all this data tapping/mining/extraction/whatever is for money & power, the end.

    No there shouldn’t be the revolving door from govt – at whatever level – to private sector, but there is, and I don’t see it changing any time soon. And yes, clearly someone at Alexander’s level in what’s laughingly called US “security” going straight to the private sector *should* be illegal… but it’s not. Suck on it, 99s!

  6. Cujo359 says:

    It’s ironic that there was a time when one of the best ways to secure your own computer networks was to get the appropriate checklists from the NSA’s open website and follow them. I can’t imagine many people would do that now.

    Even so, doing what the government used to do to secure its networks is still a good first step. Maintain security patches, limit software to what’s needed and known to be dependable, and limit access to private networks. You can find advice like that on any good computer security website nowadays, though. It’s not to hard to find sites that talk about securing most of the major operating systems and applications, also. Like Bruce Schneier, I have trouble believing that anything Keith Alexander could legally tell you about computer security is worth what he’s asking.

  7. Linda Lewis says:

    Glad to see someone else asking these questions. Managerial skills tend to have a longer shelf life than insider information, so it seems noteworthy that some former intel officals change companies frequently.

Comments are closed.