Will the US be able to withstand cyber attacks on critical infrastructure?
The global cyber landscape has never seemed so dire. From Russian-backed ransomware attacks against America’s largest oil pipeline to the phone scammer who won’t leave you alone during dinner, we’re living in a brave new world. On GZERO World, Ian Bremmer speaks to Jen Easterly, director of the US cybersecurity agency tasked with defending the country from all cyber threats, foreign and domestic. Easterly is optimistic about the state of America’s cyber defenses.
Easterly says the US has finally gotten serious on protecting itself from cyberattacks. But the federal government still needs cooperation from the private sector, which operates 80% of the critical infrastructure that serves our daily basic needs. When passed, the Cyber Incident Reporting for Critical Infrastructure Act will require whoever operates critical infrastructure to report attacks coming from state and non-state actors.
Easterly digs into why Russia is the urgent cyber threat, but China could do more damage in the long term in its efforts to dominate global tech.
And should we worry about non-state actors like ISIS carrying out major cyberattacks? Is there still a threat? "Low probability, but high impact," Easterly tells Bremmer. The bigger problem, she adds, is the dozen or so states that are using cyber to do sort of lawful things like collecting intelligence, but then use it for nefarious purposes.
This interview was featured in a GZERO World episode: Hackers, Russia, China: cyber battles & how we win
Hackers, innovation, malice & cybercrime
In the 1950s, "phreakers" whistled their ways into free long-distance calls. Steve Wozniak then improved on the scam, making enough cash to get Apple started along with Steve Jobs.
Many of today's hackers are also bored kids trying to beat the system and make a quick buck in the process. But they can also do more sinister things, Ian Bremmer tells GZERO World.
The annual global cost of cybercrime has almost tripled since 2005. If it were an economy, cybercrime would be the world's third-largest after the US and China.
We saw the impact with the 2021 ransomware attack on the Colonial Pipeline, enabled by a single compromised password. Indeed, hackers only need a tiny opening to bring down a company or a country. And they know that in Beijing, Moscow, Pyongyang, and Tehran.
So, what can we do about it?
Watch the GZERO World episode: Hackers, Russia, China: cyber battles & how we win
Hard Numbers: Estonia cyberattack, young Japanese told to drink up, Emirates shuns Nigeria, Chinese cat cameo
200: Russian hackers launched a cyberattack Thursday against more than 200 government and corporate websites in Estonia, payback for removing a Soviet-era monument. The Baltic country, one of the loudest critics of Russia’s offensive in Ukraine, was hit in 2007 by a massive wave of cyberattacks after the relocation of a Red Army statue that knocked Estonia almost entirely offline, which Tallinn blamed on Moscow.
1.7: Japan’s tax agency has announced a viral campaign encouraging the youth to drink ... more. Young Japanese drink less booze than their parents, and the government now only collects 1.7% of its total tax revenue from alcohol taxes, down from 5% in 1980.
85 million: Emirates, one of the UAE's two flagship airlines, will stop flying to Nigeria on Sept. 1 because Abuja is refusing to hand over $85 million of the airline's funds. The government is hoarding the foreign currency revenues due to the country's dollar shortage, which is in fact an Africa-wide problem, exacerbated by high inflation and depreciating local currencies.
6,000: A Chinese teacher won $6,000 in compensation after a judge ruled she was unfairly sacked by an education tech company because her cat appeared on camera five times during a virtual class. Good opportunity to bring back the absolute best cat filter on Zoom clip of all time.
Will the US be able to withstand cyber attacks on critical infrastructure?
The US Cybersecurity and Infrastructure Security Agency was set up in 2018 to help protect America's critical infrastructure.
It might sound like a technical term, but CISA chief Jen Easterly explains that critical infrastructure is how we get water, power, gas — even food at the grocery store. And 80% of it is operated by the private sector.
So, how does the agency help businesses defend themselves from hackers?
"In cybersecurity, the federal government is just a partner ... so we all have to work together to drive down risk to the nation," Jen Easterly tells Ian Bremmer on GZERO World.
Hard Numbers: Chinese data hack, July 4 massacre, US Navy wants Iran tips, Uzbek unrest, Mali sanctions lifted
1 billion: An anonymous hacker claims to have stolen the police records of about one billion Chinese citizens, almost three-quarters of the population. If true, it could be one of the biggest data hacks of all time — and very embarrassing for Beijing.
6: Six people were shot dead on Sunday after a gunman opened fire on an Independence Day parade in a suburb of the US city of Chicago. It's the first high-profile mass shooting in America since President Joe Biden signed the latest federal gun-safety laws and the Supreme Court ruled that Americans have a constitutional right to carry firearms.
100,000: The US Navy is offering up to $100,000 in rewards for information to help intercept weapons, drugs, and other illicit shipments in the Persian Gulf. The Americans worry about Iran supplying weapons to the Houthi rebels in Yemen despite an arms embargo and the ongoing truce in the country's civil war.
18: At least 18 people have been killed in Karakalpakstan, an autonomous province in the former Soviet republic of Uzbekistan, since the government last week revealed plans to limit secession rights in the constitution. If President Shavkat Mirziyoyev needs outside help to end the crisis, he may have to patch things up with regional cop Russia after being lukewarm on the war in Ukraine.
300 million: West African leaders agreed on Sunday to lift economic sanctions against Mali after its junta promised to return to civilian rule by 2024. The sanctions forced post-coup Mali to default on $300 million of sovereign debt so far this year.
Why hasn’t Ukraine suffered a debilitating Russian cyberattack?
Russia’s invasion of Ukraine in February fueled expectations it would launch a devastating campaign of cyberattacks against the neighboring country. Since 2014, state-run Russian cyber units, state-affiliated hackers, and independent cyber-criminal groups have frequently trained their sights on targets in Ukraine. They have, among other things, forced government websites offline, caused the largest-ever cyber-induced blackout of a nation’s power grid, and deployed the most destructive and costly malware to date. So, why hasn’t there been another such attack since the war began? We talked to Eurasia Group geotech analyst Sienna Tompkins to get some answers.
We’ve come to see cyberattacks as a big part of Russia’s playbook. Has that changed?
Not really. While a large-scale attack with significant repercussions or international contagion has not yet materialized, there has been a steady drumbeat of cyber activity by Russian military and intelligence units against Ukrainian targets. In a recent report, Microsoft said there have been at least 2-3 cyber operations since the eve of the invasion. Nuisance-level attacks have overloaded key government and institutional websites with traffic, several wiper malwares have been deployed, and the hack of satellite provider Viasat caused widespread communications outages on the first day of the invasion.
Why nothing bigger?
One reason might be that military attacks are generally more effective when it comes to disabling critical infrastructure. There has also been speculation that Russian cyber units were caught off-guard by the invasion, without sufficient notice to plan and execute large, sophisticated attacks. Moreover, Russian leaders may be wary of US retaliation or of triggering NATO’s Article 5 collective defense clause if a NATO member is affected by the fallout. Lastly, expectations of a quick and decisive victory may also have influenced the calculus to keep critical infrastructure operational for the use of a puppet regime installed by Moscow.
That said, there is also an element of uncertainty and misdirection that occurs in times of war. Cyber operations that have yet to be activated or detected could ultimately meet the threshold of a major attack. Targets may not know they have been compromised or that the root cause of a cyber operation is cyber-induced. Moreover, in a context of widespread physical destruction, it can be hard to tell if there have been contributing cyber actions as well.
What did we learn from the recent foiled attack against Ukraine’s electric grid?
It lends weight to the theory that Moscow may have wanted to keep critical infrastructure intact in expectation of a quick victory in the war. Sandworm, a group thought to be part of the hacking operations of the GRU, Russian military intelligence, infected the Ukrainian energy company’s network in February. That was prior to the invasion, yet Sandworm only attempted to cut power months later in April.
The episode also highlights Ukraine’s increased cyber resiliency. The foiled cyberattack would have affected 2 million people, making it the largest-ever cyber-induced power outage, but was discovered prior to activation. After years of being targeted by Russia, Ukraine has ramped up investment in its defenses and in cultivating cyber talent.
Has Western assistance been a factor in bolstering Ukraine’s defenses?
Yes. The US, EU, and NATO have all contributed: US Cyber Command sent a surge team to Ukraine ahead of the invasion to hunt for compromised networks; NATO admitted Ukraine to its Cooperative Cyber Defence Centre of Excellence and included Ukrainian experts in its recent digital war simulation “Locked Shields”; and the EU mobilized its newly formed Cyber Rapid Response Team to work with its Ukrainian counterparts.
Private companies have also been playing an outsized role. Major service providers, as the main conduits for many attacks, are tracking known cyber actors and taking remedial action. Microsoft recently obtained a court order to take over seven internet domains used by Strontium, another GRU cyber unit, and redirect them to blunt their impact.
Are you worried about other countries helping Russia wage cyberwarfare?
Russia is a highly sophisticated cyber actor and perfectly capable of waging cyber warfare on its own. Additional actors could add to the chaos and disruption in Ukraine in a way that is useful to Russia, but to be strategically or tactically impactful and avoid undue escalation with the US and NATO, there would need to be a level of formal cooperation. There has been some speculation that China could get involved, but it is unlikely to take such an aggressive step and there is no evidence that it has done so yet.
What about cyberattacks by Ukraine?
Ukraine has primarily been focused on what has been called “persistent defense” — fending off Russian cyber intrusions and attempted attacks. But in a new twist, Ukrainian officials have also mobilized a civilian “IT army.” The volunteer corps is focused on taking down or defacing Russian government websites, hack-and-leak operations revealing confidential datasets, and attempting to undermine propaganda on Russian TV networks. Russia’s Ministry of Digital Development and Communications has reported unprecedented volumes of attacks against government websites. Nevertheless, the attacks remain nuisance-level and serve primarily as information warfare.
What should we expect in the cyber dimension of the Ukraine war going forward?
The story is far from over. The risks of major Russian cyberattacks against Ukraine, or countries backing it, remain elevated. The Five Eyes intelligence alliance comprising Australia, Canada, New Zealand, the UK, and the US recently warned of preparations to conduct significant cyberattacks against critical infrastructure in countries that have sanctioned Russia or otherwise shown their support for Ukraine. Western governments are exhorting companies to upgrade their cyber resilience. A significant attack is likely a matter of not if but when.
Hard Numbers: Anti-Russia hacktivism, Taliban schoolgirls, Polish diplomatic evictions, Egyptian currency drop
2,500: Hackers affiliated with Anonymous claim to have infiltrated 2,500 Russian and Belarusian sites, including government and media services. Trouble is, Putin likely views these hacktivists as agents of the West and critics warn that IT hits on critical infrastructure could, in turn, lead to Russian escalation.
13: Girls aged 13 and over had been planning to return to school on Wednesday for the first time since the Taliban took control of Afghanistan last summer. But right when the new academic year was about to start, officials announced that girls’ secondary schools would remain closed until further notice.
45: Poland is sending 45 “spies pretending to be diplomats” back home to Russia, according to the Polish interior minister. The move involves about half of Russia’s embassy staff in Warsaw and reflects just how tense things have become between the two countries since the invasion of Ukraine.
14: The value of Egypt’s currency fell 14% on Wednesday after its central bank raised the main interest rate. The bank pointed to instability caused by Russia’s invasion of Ukraine and the need to curb inflation. Prices are soaring — this week Cairo fixed the price of unsubsidized bread — but the rate hike may also signal Egypt’s desire to secure more funding soon from the IMF.
Join us live from the 2022 Munich Security Conference
Friday, February 18 at 11 am ET / 5 pm CET: Watch GZERO Media and Microsoft's live conversation from the 2022 Munich Security Conference.
As crises converge, our speakers will discuss emerging risks at the intersection of technology, policy and security: NATO's role and tools to defend democracy, the US role in global alliances, the rise of cyber threats and the need for cyber norms and stronger defenses.
Participants:
- David E. Sanger, White House and national security correspondent, The New York Times (moderator)
- Ian Bremmer, President and Founder, Eurasia Group and GZERO Media
- Benedikt Franke, Chief Executive Officer, Munich Security Conference
- Mircea Geoană, Deputy Secretary General, NATO
- Kersti Kaljulaid, former President of Estonia
- Anne-Marie Slaughter, CEO, New America
- Brad Smith, President and Vice Chair, Microsoft
Event link: gzeromedia.com/globalstage
This event is being held in collaboration with the Munich Security Conference.
Live from MSC 2022: Securing Cyberspace | Friday, February 18, 2022, 11 am ET / 5 pm CET