What has Happened:
- Late on Friday evening, Colonial Pipeline announced more than 5,000 miles of its pipeline would be shut down to contain a ransomware breach.
- The pipeline carries 45 percent of the East Coast’s fuel supplies.
- On Saturday, the Biden administration provided further details of the attack, identifying the likely attackers as a criminal group.
- Cyber criminals often conduct attacks in cooperation with nation states.
Below, General Robert Walsh and General Frank Kearney of Academy’s Geopolitical Intelligence Group discuss the significance of this cyber-attack, the vulnerabilities to U.S. critical infrastructure, and the possible next steps around cyber-focused policy.
Why it Matters:
“The ransomware cyber-attack is another embarrassing example of the cyber vulnerabilities in our public and private sectors. Some of these attacks have been by criminal hackers while others have been tied to nation states such as China, Russia, North Korea, and Iran. The attack on the Colonial Pipeline shows the close ties between large private companies and our national security through economic effects. The U.S. is a democratic country that prides itself on both free speech and open business competition. The nature of our openness presents risks from criminals, adversaries, and enemies that seek to exploit our openness.
The Biden administration is developing an Executive Order after the recent Russian and Chinese attacks that highlights the vulnerabilities on networks that the public and private sectors rely upon. The Department of Defense has gone to great lengths to increase cyber security. The DoD has the capability to secure networks and prevent intrusions. This places increased cyber security certification challenges on many smaller companies that do business with the DoD. Replicating these standards throughout the private sector is a challenge to our democracy and the networked information sharing and openness we have embraced. It’s a challenge that the Biden administration and Congress have accepted.” – General Robert Walsh
“This continuing string of attacks against infrastructure targets remains troubling. First, the resistance to immediately admit an attack is in progress and seek assistance weakens the ability to respond and exploit the attack by competent agencies. Second, there is little resilience built into the systems and thus vulnerability is increased. Legislation is probably needed to require redundancy. Critical Infrastructure is also ill-defined as the network of interdependent government and commercial entities is not evenly reviewed and protected. Lastly, and most dangerous, is the volume of hackers. Whether state sponsored, organized crime, or hacking groups, all share knowledge while governments and commercial entities do so less quickly and less efficiently.
This topic is rich for the discussions of economic warfare (or the ability to attack economic targets), informational targets, and military targets – simultaneously creating overwhelming decision points for the U.S. government. Total warfare is with us and this is one line of attack where we are very vulnerable.”
– General Frank Kearney
Original Post 05/10/2021