Ransomware attacks put Biden in serious national security crisis
The Biden administration was faced on Sunday with the implications of a sudden and serious national security challenge as ransom-demanding cyber hackers target the staples of American living – food, gas, water, hospitals and transportation.
The assaults, which led the FBI director to draw comparisons to 9/11, target vulnerable infrastructure across the country as they struggle to come to life after pandemic shutdowns and put civilians on the front lines of a potentially invisible conflict. to challenge quick fixes to decrease the threat.
They leave President Joe Biden, who has taken office amid multiple crises, with thorny dilemmas of how to respond without escalating a full international cyber war and exposing him to new political vulnerability. Many of the attacks appear to be the work of criminal gangs on Russian soil, putting more pressure on the president’s already tense, high-stakes summit next week with President Vladimir Putin on his first trip abroad.
Energy Secretary Jennifer Granholm warned on Sunday that “very malicious actors” had the United States in their sights after attacks on pipeline, government agencies, Florida water system , schools, health facilities and, even last week, the meat industry and ferry service. at millionaire’s Martha’s Vineyard playground.
“As we speak, there are thousands of attacks on all aspects of the energy sector and the private sector in general… it happens all the time,” Granholm told Jake Tapper on “L ‘State of the Union’ from CNN.
Alarmingly, the former Michigan governor has said foreign hackers have the ability to shut down the U.S. electricity grid and advised companies against paying the ransoms demanded by hackers.
A price to pay
Maine Senator Angus King, an independent who meets with Democrats, warned that the United States is now reaping the consequences of its failure to respond boldly enough to past attacks from China, Russia and the United States. North Korea.
“We were a cheap date. And you can’t defend yourself just by swinging, weaving, and patching. The adversary must understand that he will pay a price, there will be a cost to attack the United States or to attack our critical infrastructure, ”said King, also on“ State of the Union ”.
The outspoken comments from the senator and secretary followed even sharper warnings from FBI Director Christopher Wray, who put the threat into perspective with vivid language in an interview with the Wall Street Journal last week. He acknowledged that there were similarities between the challenges posed by ransomware hackers, who implant computer code that locks down systems until victims pay, with those of September 11, 2001, when agents Al-Qaeda planned the worst terrorist attack in US history.
“There are a lot of parallels,” Wray said, adding that the US government, the private sector and the Americans need to recognize the threat. The Justice Department has announced plans to coordinate its anti-ransomware efforts with the same protocols as for terrorism.
Like the 9/11 attackers, hackers exploit loopholes in U.S. security systems and raise questions about the ability of U.S. intelligence agencies and government services to combine effectively to thwart attacks.
Unlike the attacks in New York and the Pentagon in 2001, the new threat exposes the fractured political unity of the United States. Republicans were quick to grasp the consequences of the recent colonial pipeline hack that sparked gas shortages, panic buying and long lines at the pump last month to suggest Biden was weak and had lost control. Former President Donald Trump, who is seeking political return, said on Saturday that cyber attacks have shown a lack of respect for US leaders since he left office.
Such political opportunism casts doubt on Biden’s ability to unite Washington around him, if he were to stage a counterattack against a major breach of US cyber defenses by a hostile foreign power.
Biden prepares the defense then goes on the offensive
Given the scale of the attacks, the White House must hastily assemble the defenses of a vulnerable private sector while planning responses that may, as King suggests, pay the perpetrators a painful price.
Biden has already signed an executive order requiring his government to make “bold changes” and “significant investments” to protect the country’s digital infrastructure, which aims to encourage private companies to take similar precautions. On Thursday, the National Security Council’s top cyber official, Anne Neuberger, wrote an open letter to business executives to sound the alarm and warn that the private sector needs to do much better. And quickly. “All organizations must recognize that no business is immune from being targeted by ransomware, regardless of its size or location,” Neuberger wrote.
But given the enormous cost of sweeping cybersecurity posture and security changes, and the fact that all it takes is one computer user to inadvertently open the gateway to cyber attackers via malware , quickly ensuring comprehensive protection in the corporate sector is a difficult challenge.
John Negroponte, the first director of national intelligence – a post created to correct the dysfunction of intelligence agencies revealed by the 9/11 attacks – said Biden’s decree was excellent and praised Neuberger during a appearance on ‘The Lead with Jake Tapper’ Friday. But he argued that the government may have to force private companies to do more to disclose cyber attacks, saying that a serious attack, for example, on a healthcare system could cost lives and have a profound economic impact.
“I think there has been a reluctance to move because I think the private sector has resisted being forced to cooperate in certain areas. And I think at the end of the day there will have to be legislation, ”said Negroponte.
A confrontation with Putin
The FBI said the cyber attack on the Colonial Pipeline was likely orchestrated by the ransomware network known as DarkSide, which experts suspect to be based in Russia. The White House said last week that an attack on JBS USA, one of the world’s largest food companies, was the work of a “criminal organization likely based in Russia.”
The new attacks mean an even closer examination of the Biden summit in Geneva with Putin on June 16. The United States and Russia are already divided by electoral interference, Moscow pressure on Ukraine, human rights and strategic issues. But the US president will now be under even more pressure to publicly impose the law on a rival who has repeatedly managed to outsmart the last three US presidents. Biden last week offered a superficial “no” when asked if Putin was testing him. Putin, with the straight face of a former KGB officer, said last week that the accusations against Moscow were absurd, Reuters reported.
The fact that the attacks are blamed on private companies gives Putin a veneer of denial. But given the nature of the Russian security state and the link between organized crime and intelligence services, it’s fair to conclude that Putin could stop the attacks if he wanted to. In fact, the attacks appear to align with the interests of the Russian leader. The goal of its foreign policy over the past decade has been to weaken the United States in order to increase Russia’s relative power and prestige. The political chaos and recriminations sparked by the cyber attacks parallel the internal discord sown by what US spy agencies say is Russia’s war of disinformation and propaganda over the past two US election campaigns – on behalf of Trump.
Republican Senator Roy Blunt of Missouri said on Sunday that the Russians had to start paying the price for tacit acceptance of criminal ransomware attacks.
“You really have to treat Russia like it’s virtually a criminal enterprise,” Blunt said on NBC’s “Meet the Press”. “You know, they harbor criminals, they don’t appreciate the rule of law or any kind of level of personal freedom. And I think we have to step back.
Retaliation is a danger in itself
The question of what kind of retaliation the United States should initiate is a delicate one.
For starters, the cyberwar battlefield is in the shadows, meaning there is little public evidence of actions the United States may have already taken or the cathartic satisfaction of visible retaliation.
But any counterattack must be calibrated to avoid an escalation that could not only cause a dangerous standoff between the United States and other nuclear powers, but could also simply invite more attacks on American soil.
In April, the administration announced sanctions, including for Russian interference in the 2020 US election and the attack on software developer SolarWinds, one of the worst data breaches the US government has ever committed. .
But there is little evidence of effective deterrence. Microsoft recently said that hackers from the same Russian group behind the SolarWinds hack attacked more than 150 government agencies, think tanks and other organizations in the United States and elsewhere.
US Secretary of Defense Lloyd Austin told CNN in an interview last month that the United States has the “capability to conduct offensive operations” and also to defend itself – but declined to specify exactly what the United States could do.
That’s Biden’s problem as he grapples with another cascading crisis.