Cyberattacks: A Threat to Business in the US 2:26
(CNN) -
The Biden administration on Sunday faced the implications of a sudden and severe national security challenge as cyber hackers demanding ransoms target the basics of American life: food, gas, water, hospitals and transportation. .
The attacks, which have prompted the FBI director to draw comparisons to 9/11, are targeting the country's vulnerable infrastructure as it struggles to return to life after pandemic lockdowns and putting civilians on the front lines of a conflict. invisible that is likely to defy quick fixes to lessen the threat.
They leave President Joe Biden, who took office amid multiple crises, with thorny dilemmas about how to respond without escalating an entire international cyber war and expose him to new political vulnerability.
Many of the attacks appear to be the work of criminal gangs on Russian soil, adding to the pressure on the president's already tense summit next week with Russian President Vladimir Putin during his first trip abroad.
Biden and Putin will meet in June: the topics to be discussed 1:21
Energy Secretary Jennifer Granholm warned Sunday that "very evil actors" had the United States in their sights after attacks on a pipeline, government agencies, a Florida water system, schools, health care institutions and, including last week, the meat industry and a ferry service to the millionaire playground Martha's Vineyard.
"Even as we speak, there are thousands of attacks in all aspects of the energy sector and the private sector in general ... it is happening all the time," Granholm told Jake Tapper on CNN's "State of the Union."
advertising
Alarmingly, the former Michigan governor said
foreign
hackers
have the ability to shut down America's power grid, and advised companies not to pay ransoms demanded by
hackers
.
6 cyber attacks on government and business targets in the US
A price to pay for attacks
Senator of Maine, Angus King, an independent who joins the legislative group d
and
Democrats, warned that the
US was now reaping the consequences for not responding with sufficient audacity to attack past of China, Russia and Korea of the North.
«We have been a cheap date. And you can't defend yourself just by swinging, knitting, and patching. The adversary has to understand that he will pay a price, there will be a cost for attacking the United States or for attacking our critical infrastructure, "said King, also in" State of the Union. "
The candid comments from the senator and the Secretary of Energy followed even more strident warnings from FBI Director Christopher Wray, who put the threat into perspective with striking language in an interview with The Wall Street Journal last week. He agreed that there were similarities in the challenges posed by
ransomware
hackers
, who implant computer code that locks systems until victims pay, with those of September 11, 2001, when al Qaeda agents planned the worst. terrorist attack in American history.
"There are many parallels," Wray said, adding that the US government, the private sector and individual Americans needed to recognize the threat.
The Justice Department noted that it plans to coordinate its anti-ransomware efforts with the same protocols as it does for terrorism.
Could Russian hackers leave the US in the dark?
2:51
Like the attackers in 9/11,
hackers
are exploiting breaches in US security systems, and raising questions about the ability of the country's intelligence agencies and government departments to combine effectively to thwart the threats. attacks.
Unlike the attacks on New York and the Pentagon in 2001, the new threat is exposing America's fractured political unity. Republicans were quick to seize the fallout from the recent Colonial pipeline hack, which led to gas shortages, panic buying and long lines at gas stations, last month to suggest that Biden was weak and out of control. Former President Donald Trump, who is seeking a political comeback, said on Saturday that the cyberattacks showed a lost respect for American leaders since he left office.
Such political opportunism raises questions about whether Biden would be able to rally Washington around him, if he needed to muster a counterattack of a major breach of American cyber defenses by a hostile foreign power.
Biden will plan to draw defense and then go on offense
Given the wide scope of the attacks, the White House must hastily muster the defenses of a vulnerable private sector while planning responses that can, as King suggests, make the culprits pay a painful price.
Biden has already signed a decree requiring his government to make "bold changes" and "significant investments" to protect the nation's digital infrastructure that is intended to stimulate similar precautions by private companies.
On Thursday, the National Security Council's top cyber official, Anne Neuberger, wrote an open letter to corporate executives sounding the alarm and warning that the private sector needs to do much better.
And quickly.
"All organizations must recognize that no business is safe from being targeted by
ransomware
, regardless of size or location," Neuberger wrote.
Hackers paralyzed an oil pipeline.
Banks and stock exchanges are even bigger targets
But given the enormous cost of radical changes in cybersecurity and security posture, and the fact that all it takes is for a computer user to inadvertently open the gateway to cyber attackers via
malware
, ensure quickly comprehensive protection in the corporate sector is a difficult challenge.
John Negroponte, the first director of National Intelligence, a post created to fix intelligence agency dysfunction revealed by the 9/11 attacks, said Biden's decree was excellent and praised Neuberger in an appearance on "The Lead with Jake. Tapper «, on Friday.
But he argued that the government may need to force private companies to do more to disclose cyberattacks, saying that a serious attack, for example, on a healthcare system could cost lives and cause profound economic impact.
“I think there has been a reluctance to move because I think the private sector has resisted being forced to cooperate in certain areas.
And I think that ultimately, there is going to have to be legislation, "Negroponte said.
Microsoft warns of group cyberattacks in Russia 2:38
A confrontation with Putin over cyber attacks
The FBI has said that the cyber attack on the Colonial Pipeline was likely orchestrated by the cyber blackmail network known as DarkSide, which experts suspect is based in Russia.
The White House said last week that an attack on JBS USA, one of the world's largest food companies, was the work of a "criminal organization probably based in Russia."
The new attacks mean even greater scrutiny for Biden's Geneva summit with Putin on June 16. The United States and Russia are already divided by electoral interference, Moscow's pressure on Ukraine, human rights and strategic issues. But the US president will now be under even greater pressure to publicly enact the law to a rival who has repeatedly managed to outperform the past three US presidents. Biden last week offered a cursory "No" when asked if Putin was testing it. Putin, with the poker face of a former KGB agent, said last week that the accusations against Moscow were nonsense, Reuters reported.
The fact that the attacks are attributed to private companies gives Putin a veneer of denial. But given the nature of the Russian security state and the nexus between organized crime and intelligence services, it is fair to conclude that Putin could stop the attacks if he wanted to. In fact, the attacks appear to align with the interests of the Russian leader. The thrust of his foreign policy for the past decade or so has been to weaken the United States in order to increase Russia's relative power and prestige. The chaos and political recriminations sparked by cyberattacks parallel the internal discord sown by what US spy agencies say is Russia's war of disinformation and propaganda during the last two US election campaigns, on behalf of Trump.
Hacked US government agencies 1:52
Republican Senator Roy Blunt of Missouri said Sunday that Russians must begin to pay a price for tacit acceptance of criminal
ransomware
attacks
.
"You really have to treat Russia as if it were virtually a criminal enterprise," Blunt said on NBC's "Meet the Press."
“You know, they harbor criminals, they don't appreciate the rule of law or any kind of level of personal freedom.
And I do think we have to go back.
Retaliation is a danger in itself
The question of what kind of retaliation the United States should launch is a tense one.
For starters, the cyber warfare battlefield is in the shadows, meaning there is little public evidence of actions the United States may have already taken or the cathartic satisfaction of visible retaliation.
But any counterattack must be calibrated to avoid an escalation that could not only cause a dangerous confrontation between the United States and other nuclear powers, but could also simply invite more attacks on American soil.
In April, the administration announced sanctions for Russia's interference in the 2020 US elections and the attack on software developer SolarWinds, one of the worst data breaches to ever hit the US government.
Russia calls US sanctions illegitimate 2:01
But there is little evidence of effective deterrence.
Microsoft recently said that
hackers
who are part of the same Russian group behind the attack on SolarWinds have targeted more than 150 government agencies, think tanks and other organizations in the US and elsewhere.
US Defense Secretary Lloyd Austin told CNN in an interview last month that the United States has the "ability to carry out offensive operations" and also to defend itself, but he declined to specify exactly what. America could do.
That's Biden's problem as he struggles with another cascading crisis.
CyberattacksHackersRussia
/cloudfront-eu-central-1.images.arcpublishing.com/prisa/H6SX4JB4HJIOMBO3FUP6IGGLUI.jpg)
