>> general motors was hopeful with the volt. they ended one a timer on it that looks like what i've got on my lawn sprinkler to set it to charge at night because it's not ready to talk to the smart grid. >> sorry, we have to end it there. so much so much matt wald energy reporter at "the new york times." appreciate you coming in this morning. >> thank you. live now to the american enterprise institute in washington, d.c. director keith alexander will give the keynote address on cyber security threats. we're expecting this to get underway shortly.

we're standing by at the american enterprise institute in washington, d.c. we're expecting general keith alexander, he's the director of the national security agency and he'll be giving the keynote address and discusses cyber security threats. we're expecting this to get underway shortly. also by the way, paul wolf wits the former world bank president and former deptsy secretary will be introducing general alexander.

a quick programming note as we're waiting for this event to

start. at 5:00 we go live to capitol hill where the house rules committee will be holding a meeting on repealing president obama's health care law. republican majority leader eric cantor introduced legislation to repeal the health care with a vote set for this wednesday july 11th. last month the supreme court in a 5-4 vote upheld the health care law and we'll have that rules committee meeting beginning at 5:00 p.m. eastern here on c-span3.

i should say thank you all for coming and brave this 83 degree coal wave that struck washington. judging from the size of the crowd and the number of cameras here, i don't think anyone needs me to underscore the importance

of this subject. it's testimony not only to the subject matter, but the stature of our speaker. but nempls indulge me just a couple minutes to provide what i think is some useless historic context. and to think back to the beginning not of this century but of the last, the world today is transfixed by the phenomenon of rapid economic growth in a number of countries that is rapidly creating new major powers in the world. the biggest are china and india. but some others that would look fairly large in comparison to great powers in the past such as vietnam, russia, indonesia, brazil are all growing rapidly and becoming much bigger players in the world. 100 years ago, the rise of germany as a great power led to two catastrophically destructive

wars which also spawned a number of tragedies such as nazyism and boll shifism which turned the 20th century into the bloodiest century in history. we can't afford to repeat that history with even more terrible weapons of the 21st century. so the challenge of managing emerging powers has become arguably the major challenge of our time. not that we're short on challenges. success in that effort depends on many factors of which the military is only one and perhaps not hopefully one might say not even the most important one. but it is important and it is important to recall the history of that last bloody century. it was not only the economic strength, but the way it succeeded twice in transforming economic power into military

power particularly with the mastery of armored warfare in the 1930s. it's worth recalling germany didn't invent the tank. the british and french fielded tanks and sort of mobile artillery at tend of world war i. indeed when the battle of france took place which led to a catastrophic defeat in a matter of four weeks or so. the british and french together fielded as many tapgs as germany. it wasn't superiority in numbers that led to german victory. stunning victory. but rather superiority in understanding how that new technology could be exploited for military advantage. when we think about a technology that could have similar multiplier effects in our time. cyber technology stands out as an obvious perhaps the most obvious candidate. and unfortunately it's not only a potentially dangerous tool in

the hands of states, but in the hands of nonstate actors as well. and david sanger's rather famous, notorious, but definitely much discussed recent book he describes an incident where senators invited by the white house just this march filed into a secure briefing room on capitol hill for a demonstration designed as he puts it to scare the hell out of them. roughly half an hour the senators got a vivid demonstration of what it might look like if a dedicated hacker or enemy state decided to turn off the lights in new york city. among those who came to make the case was general keith alexander who runs the national security agency under u.s. cyber command. sanger goes on to say that general alexander is one of the quote most important figures in washington that no one ever heard of. i guess that's not true anymore

judging from this room. he also says that in rare moments when he talks in politics, general alexander is pretty soft spoken about america's vulnerability to such attacks. but said one senator in a classified setting like the one the other day, it's very different. i don't know what that means exactly what about what to expect from our speaker today, i do know we could not have a better speaker to address this subject. general alexander enrolled in the u.s. military academy in the class of 1974. it was a maybe the first post vietnam class of members of that class actually were joining an constitution whose future was very much in doubt. they may joke sometimes about themselves. but general david petraeus is one of the distinguished graduates of that class has said they also called themselves class of 74 pride of the corp. that class has produced general petraeus, general alexander and

general dempsey. which is not bad for people entering an institution whose future they weren't sure of. actually general alexander thought he would only go in for five years. but came to see a career in military intelligence. it's been an outstanding career. i knew him and worked closely with him when i was deputy of security defense. first in 2001 to 2003 and when he was deputy chief of staff for the army for intelligence from 2003 to five. i was told even before i met general alexander that this was an exceptional officer and a real innovator. after working with him for four years, i can certainly confirm that description. of course, he's since gone on to become the director of the national security agency serving in that position since august 1st of 2005. that's a record.

you can do the math seven years it almost sounds like a life sentence. we are very luck lucky that he's served that long and two different administrations have seen the enormous value that he brings to the job. for the last two years he was given the additional duties as commander of the united states cyber command. to both those positions he brings some uniquely suitable qualities. he's an innovator and a leader but not a self-promoter. he's intensely focused but also deceptively low key. he's a risk taker, but he's also very careful about details. and i might add he's very smart. oh, yeah, one other thing. he doesn't like publicity. sew i'm not sure what we should expect today. but i know we're lucky to have him with us. please going me in welcoming general keith alexander. [ applause ]

>> part of the reason i don't like publicity is my mother used to say i have a face made for radio. and another comment you could probably add to it is behind every successful army officer is a stunned father-in-law. we have that as well. there's a few things that i'd like to talk about today. i know we're going to have a small group of about 25 to 30 people to do that with. i see that's grown slightly. there are some things that i do want to put on the table for us to discuss and i know we're going to have a panel that we'll talk about what we talk about here later in more detail. first, what secretary wolf wits

brought out i think is absolutely important for our nation. cyber legislation. i think it's important that we talk about this. i'm not here to talk about any specific piece of legislation, but i do think it's important that we as a nation look at this and say what do we need for our country? and how do we do that? and let's put all the facts on the table as we talk about this from civil liberties and privacy i think it's important that we talk about that. to protect this country from a cyber attack. how are we going to do that? you know, we just finished up the fourth of july. i had the privilege and honor of hosting 14 young children at my house. my grandchildren. and when you look at these kids between the age of 1 and 10, the average age i guess you could use a distribution is about 3. they all have ipods, little ds's

they're all tremendously smart. you think about it. they are connected to the web when they start. they can run these things down to a battery and they'll just plug it in and i can keep ongoing. just plug it in i can keep playing. it's amazing what's going on in this world. think about the opportunities that we have. in -- in the tweer 2000 there were 260 million people on the internet. today first quarter 2012, 2.3 billion. and there's today over 200 million u.s. email users. in 2011, there were about 107 trillion emails sent. that averages out to a little over 293 billion a day. a large portion of that spam email. it's also interesting the united states hosts 43% of the top one

million websites in the world. 43%. that's a little over 430,000 of the top websites in the world. and by august of this year, facebook is expected to go over a billion users. that would make that the third largest country of medicines in the world. incredible changes. the united states would have 184 facebook users and 24% of websites has facebook integrated into it. in one year this last year 461 mobile devices were sold. cisco traffic will evolve and grow 15 times between now and 2016. u.s. cell phone users 165 million and 90 million check their email every day. my daughters check their email

every half-hour. and many of you do the same. how many now get in a conversation you get in a conversation all of a sudden email just came through. and you say i thought we were talking here. no. i got that email. it is good. there are 500,000 apps for the iphone and about 280,000 apps for android. by 2016 the world population is expected to be at 7.3 billion. and the world's mobile device population 10 billion. some of you already know who you are have two of those devices and an ipad or a mobile tablet. it is growing. it's incredible what we're going to be able to do with this technology. think about it. think of what we can do for medicine. for gene research. what hospitals will do by 2015 that we couldn't do a decade ago. this is incredible opportunities. and stuff that we have to now

take the next step. think about it. we're the country that made much of this technology. and we ought to be the first ones to secure it. so let's talk about the vulnerabilities and those things are coming in because that's the real problem. caan hear me? can you hear me now? a little louder. i probably moved this too far away. can you hear me in the back? don't worry, you didn't miss anything. if you need some quotes get some good ones. there was nothing worth quoting there. look at the number of pieces of malware. macafee has got some great statistics on this. all of these statistics are publicly available. you can go out on the network and pull down some of these.

they have some great things, some great statistics on where we are today. and if you go to mcafee, they will tell you that they've got 75 million unique pieces of malware in their inventory right now. 75 million pieces of malware. that's roughly 1/3 of the email that's going up on the network today are sent by botanists. over 100 countries have network exploitation capabilities. in 2011 the number of cyber attacks rose 44%. malware increased by 60%. and the number of attacks on u.s. critical infrastructure went from nine in twine to over 160 in 2011. and from january of 2011 to june

of 2011, 19,000 malicious addresses appeared a day. 80% of the websites have been hacked or compromised. it's interesting when you go out to companies fortune 500, of 168 companies they were queried 162 had been hacked. i'm going to give you some insights into some of those that have been hacked. just some unique statistics on this when you start to look at what's going on. in june of 2011 google was hacked. in august another u.s. company. mitsubishi heavy industries in september. sony in october. at&t in november. chamber of commerce in december.

salesman tech in january. nissan of april of 2012. visa and mastercard april of 2012. when you look at this you look at these companies the first thing you say these are some really good companies. what's goi on? some of ese are the best in our nation. why are they being hacked? let me explain. they're the ones that know they're being hacked. your experience is when we look intthat when fbi and others look into it they find out that there are more than 100 companies for every one that knows they've been hacked that doesn't know they've been hacked. that's significant. in fact, in my opinion it's the greatest transfer of wealth in history. symantec placed the cost of i.d. theft at $250 billion a year. global cyber crime at $114 billion annually. $388 billion when you factor in

down time and mcafee estimates that $1 trillion was spent globally under remediation. that's our future disappearing in front of us. so let me put this in context, if i could. we have this tremendous opportunity with the devices that we're using. we're going mobile, but they're not secure. tremendous vulnerabilities. our companies use these. orb kids use these. we use these devices they're not secure. when you look at what happened in 2007, look at what happened in latvia, lithuania, georgia,izer buy january, kurdistan and other countries hit by cyber attacks we've gone from escalating networks for

sblegt property to attacks. these attacks have been disruptive in nature. this is like the kids all screaming at once at supper time. it happened every night. and -- that was the joke. i'm sorry. the kids screaming every night and you're trying to talk, have a conversation. you can't community indicate. as soon as they're quiet, you can communicate. in a disruptive or distributed service attack is much like that. the communication pipes are filled up with this spam or got net email that's distributed through the service and there are different versions of this that either block the communications channel or use up the computer capability of your system. either way you can't communicate. as soon as that stops and that's cleared out. you can go back to

communications. what i am concerned about and what i think we really need to be concerned about is when these transition from disruptive to destructive attacks. i think those are coming. in a disruptive attack it would simply make your computer not work anymore or have to be replaced. if some other portion of if firmware were destroyed, your system would have to be replaced to work again. we've got to consider that those are going to happen. those are coming up. we have to be ready for that. so what do we talk about here. this makes it more difficult than the nuclear deterrent strategies and theories that we talked about in the past. when you think about cyber actors let's put them into five groups, nation states, cyber criminals, hackers, activist and terrorists. not all of those are nation

states. you're not talking about just nation on nation deterrence theory. you have other nonnation state actors that you now have to consider. in one of those attacks you may not know who's doing it. who is attacking your systems. either way, the outcome could be the same. you lose the financial sector or the power grid or your systems capabilities for a period of time. doesn't matter who did it. you still lose that. so you've got to come one a defensive strategy that solves that. from my perspective. so, let's talk ant that in a couple different venues. first, a closer look at some of the international programs and i want to use some quotes here just to show it it is a team sport because i think one of the things that people look to us and say well are you going to

handle all this? i come from the tom sawyer huckleberry finn approach. we want to get as many people as we can working together to solve this problem and that's what it takes. i think the white house has led a great effort on bringing that team together both past and present. bringing in dhs and their role in working with commercial industry private sector, fbi and their goal in law enforcement and dod and the intel community that's all. bringing us all in as a team with our responsibility being the foreign intelligence and defend the nation from an attack. let me give you some notes about what secretary clinton has noted. the united states has growing concern about cyber intrusions, the theft of intellectual property, the commercial data by

cyber names. just this past month in june secretary panetta will testify before the senate appropriations subcommittee on defense said america faces the potential threat for another pearl harbor and at technologically the capability to paralyze this country is there now. he went on to say that the more this technology develops the more the world could potentially use it increases. we're working with many countries on this issue to respond to these type of risks. at the 2012 u.s. china strategic and economic dialogue, for example, secretary clinton stated that as two of the word's largest cyber actors it is vital to the united states and china to have the sustained meaningful dialogue on cyberspace issues and work together to develop a shared understanding of