LONDON, UK: The U.S. government's defences against foreign cyber-foes are "very much a close-run thing" but experience has quickened and toughened its response to attack, a veteran of the National Security Agency (NSA) said on Thursday.
"You are never going to be bullet-proof," Prescott Winter, a former chief information officer and chief technology officer for the NSA, the world's largest electronic eavesdropping agency, told Reuters on a visit to London.
"But because we've been living with that (threat) for so long, we've learned to deal with it.
"The fundamental issue here is not absolute prevention or absolute deterrence, it's resilience. It's the ability to identify what's happening and respond to it quickly."
Winter, who left the NSA in February after more than 25 years' service, added in an interview the security industry's blocking of the powerful Conficker virus in 2009 was an example of collaborative resilience by the public and private sector.
But Winter noted state bodies remained under "great stress" from cyber attacks, saying the Pentagon, for example, logged 350 million identified attacks in 2008 versus six million in 2006.
Asked if Washington was winning the struggle, Winter, now Chief Technology Officer for public sector operations at cybersecurity company ArcSight Inc, replied:
"I would say that in the best cases we are almost keeping up. It's very much a close-run thing and on any given day you're not so sure we're winning. But at the end of the day, we are responding with resiliency, so I have to be somewhat optimistic."
"SPOOKY SIGNALS"
He said U.S. cyber defences could be boosted by international cooperation - so far embryonic - on Internet security and by improving the management and integration of information among U.S. intelligence agencies, a community critics have said is unwieldy and top-heavy with bureaucracy.
Winter suggested the latter task was proving a challenge, saying "governance and process issues" bedevilled progress.
"Everybody wants to talk about electrons flashing around in the dark, spooky signals and things like that. That's not what's holding us back: it's management issues, it's leadership, willpower and focus," he said, referring to the "large, complex, diffuse organisational structures" of the espionage community.
He declined to comment in detail on the offensive cyber capabilities of the Iranian, Chinese and Russian governments, but said "it's clear that there is considerable expertise."
The United States for long accused the Chinese and Russians of using cyber attacks to try to steal American trade secrets.
In March, Google Inc shut its mainland Chinese-language portal and began rerouting searches to its Hong Kong site, after cyber attacks it said came from within China.
Analysts said those attacks were sophisticated, possibly overseen or abetted by the Chinese military. China has denied its People's Liberation Army took part in Internet hacking.
Asked for his sense of the ties between patriotic Chinese computer enthusiasts, seen by some analysts as the authors of digital attacks on U.S. targets, and the Chinese state and its army cyber schools, Winter replied: "As is true with many other features of Chinese society, there is a very high degree of coherence across those groups."