Trish Regan: The Colonial Pipeline attack is a wake-up call. It is high time that we focus on the security surrounding our key infrastructure, including, by the way, our grid.
Hello, everyone. Welcome to the week’s edition of American Consequences With Trish Regan. I am Trish, and, wow, we got word over the weekend of a massive attack, a cyberattack, a ransomware attack, on a key pipeline. Maybe one that you’ve never heard of, but you know what? It’s responsible for nearly half of the fuel that is delivered all up and down the East Coast – from Texas to New Jersey, 5,500 miles of pipeline. It has now been compromised thanks to a group called DarkSide – new group believed to be out of Eastern Europe. Specifically, Russia it is said. I want to go to the president of the United States talking about what our intelligence community knows about this group thus far. Here we go. [Audio Clip]
- So we know that the hackers are in Russia. We also know that they have not gone after any former Soviet bloc companies nor any Russian companies. Only western European companies and American companies. This of course, being the biggest and latest.
What this does expose is how vulnerable we really are, how vulnerable our infrastructure is. And I’m not just talking about pipelines. What has me worried – and I’m going back to the reporting I did in the October issue of American Consequences magazine – what has me worried is the vulnerability of something even bigger like our grid.
You know, this is a wake-up call. We need our Department of Defense working on this. We need them working together with business to protect the American people. Right now, there’s kind of a blame game going on. It seems that the administration wants to point the finger and say, well, this is all business’s fault. Business needs to deal with it. It’s a separate thing. No, no, no. This is something that we need the assistance and the help of the U.S. government on. Hear Anne Neuberger here talking with reporters about why this is just for the private sector. [Audio Clip]
- You’re trying to get out of this one. OK? Don’t just sit there and tell me it’s a private company – we know! And I’m all for private companies, and I’m all for businesses taking on some ownership here. But I also recognize that the duty of the United States of America and the duty of our government is to protect all of us, to ensure our security. There are things that a company could and should do, but at some point we need to be able to rely on our military to have the proper defenses in place so that Russian hackers can’t take us down.
Again, this gets to the grid issue. Because this is a scary thought and not one that Facebook for sure wants me talking about. In fact, I posted a video on this, and Facebook within twelve minutes of that going up told me that the content was too sensitive. It is sensitive, but I don’t have a page that’s meant for children. I have a page that is meant for people that care deeply about economic issues, market issues, geopolitical issues. And one of the things that you need to recognize, as scary as it is, is that our infrastructure is vulnerable.
And there have been reports going all the way back to 2008, and another one in 2016, and most recently in 2019 in which our government has been warned by the EMP Commission, Electromagnetic Pulse Commission, that says look, if we actually suffered from one of these, nine out of 10 Americans will be dead within the year. That’s sensitive content. I don’t even like talking about it frankly, but you know what? We have to talk about these things because when they’re going after pipelines, they could just as easily be going after something bigger. And this is why we need our Department of Defense working overtime to make sure that our critical infrastructure is protected.
So what exactly is DarkSide? We know it’s a relatively new cyber hacking group, and it seems to have some ties to Eastern Europe. Kara Frederick, right now a research fellow for the Heritage Foundation and someone who led counterterrorism programs over at Facebook, spent six years as a counterterrorist analyst at the DoD. She joins me now. And Kara, I’m fascinated by this because increasingly, I guess, as we become more and more dependent on technology, these cybercriminals, these hackers, they know that they’re able to exploit this. What do we know about this DarkSide group?
Kara Frederick: Well, Trish, you’re exactly right, and I’ll underscore what you just said. So by 2025, almost 5 billion people will have access to the Internet. And as you know, this presents an ever-growing opportunity for a cybercriminal to wreak havoc – so specifically, as you mentioned, DarkSide. This is a relatively new group. They’re a group of cybercriminals, for-profit actors, likely based in Eastern Europe, and possibly Russia. That’s been thrown about.
They’re the ones that the FBI confirmed are responsible for this malicious software that interrupted the Colonial Pipeline systems. So we know that there’s an increasing murkiness of strategic intention that nation-state actors like Russia, cybercriminals, and even activist groups of black-hat hackers that are sort of looking to exploit certain situations for ideological purposes – all three of those groupings are increasingly intertwined, which sort of heightens the potential for digital chaos. And I would say DarkSide is no exception.
They issued a statement on Monday where they said hey, we just want money. We didn’t do this. There was no, you know, geopolitical implication that we were seeking when we attacked what was really almost half of the gasoline and jet fuel that the East Coast is provided by these, you know, 5,500 miles of pipeline that they actually ended up disrupting.
So they said they didn’t intend to do it, but you know, there’s kind of a twist on the thing. You know, you might not be interested in geopolitics, but geopolitics is interested in you. So the DarkSide, you know, they pretend that they sort of got caught up in this web, but you know, as the digital space grows and grows, and more actors come online, we have to recognize that this is going to be an increasing thing that happens and prepare for it accordingly.
Trish Regan: They’re somewhere, right? These people are living somewhere. There is some speculation that they may have ties to Russian intelligence. That they may be based out of Eastern Europe because for whatever reason they’re not going after Russia nor any former Soviet bloc countries. All of the attacks have happened in Western Europe, or in the U.S.
So at what point do we say OK, Russia, like the jig’s up. Like we know that you guys are kind of cozy with this team of hackers. How do you hold governments responsible for allowing these people to exist and to commit criminal activity when, you know, they pretend like, oh, we have nothing to do them?
Kara Frederick: Yeah. And they hide behind how difficult it is to attribute cyberattacks to specific countries. So we know that there’s a spectrum of complicity among nation states when it comes to the cybercriminals and the cybercriminal groups that they harbor, but we have to impose costs when things like this happen.
So there’s a cybersecurity analyst at Columbia, Jason Healey, who talks about a spectrum of national responsibility. And we know that Russia is right now, at this point, they’re pretty high on the stage of responsibility here. There is passive state approval. Sometimes there is explicit imprimatur, but in this case, it looks like they’re just sort of letting them – OK, if you want to cause disruptions among our enemies, the United States, the West, whatnot, go ahead. Go ahead and do it.
Trish Regan: Is there anything at all similar? I mean, does the U.S. crack down if somebody’s trying to say, you know, create havoc in Iran, or you know, in China or in Russia? Or do we not have computer programmers with that capability? I mean, is it reciprocal at all?
Kara Frederick: It’s different. If you’ve noticed in the past few years, the Trump administration did a good job of really loosening some of the more stringent restrictions on offensive cyber operations and USCYBERCOM – the United States Cyber Command – came out with its vision statement which basically allowed us to “suspend forward.” So use our largesse, our engineering capability of the people that are, you know, working under the flag of the United States to kind of figure out how to impose costs on these actors in kind.
So we’re not – there are degrees of gradation that are occurring that I’m not privy to. I’m out of the intelligence community now. But given the Cyber Command’s vision statements and some of the Trump administration’s forward-leaning philosophy on offensive cyber operations, I think we are doing a good job of fighting back in that way.
Trish Regan: When you were at Facebook, did you find at all that some of these hacking groups, these cyber groups, did they try to recruit online? Was this something that you guys were watching for?
Kara Frederick: Well, does a duck know or a fish know if he’s wet? That’s just the environment they operate in. They live and breathe, you know, in places like the dark web and the digital space. So it’s not something that I’ve dealt with specifically at Facebook. I do counterterrorism and I’m also an analyst, so it’s just sort of a different way of looking at the problem. But I’m absolutely sure that certain – you know, this is how they do their recruiting, online. It’s so much easier. As we know, you know, having gone remote for the past year, the world is just increasingly digitally connected. And when that happens, the vulnerability compounds. So that’s absolutely something that is occurring in the deeper recesses of the digital world.
Trish Regan: Yeah. It feels like it’s really changed the landscape, Kara. So you know, when we think about our military and our Air Force and our Navy, and you know, all of our ground capabilities, it’s very different because you could be held hostage by these cyber groups, which may or may not be state actors. They may or may not be terrorist groups. I mean, it just completely, I guess, changes our sense and concepts of warfare. How critical is it that we sort of recognize this new threat and do everything within our power? I mean, I’m looking at this, you know, Colonial Pipeline situation, and I’m wondering like where’s the Department of Defense? Why haven’t we been able to better equip companies and corporations with the technology to defend themselves against these bad guys?
Kara Frederick: Yeah. And I do think at this point that the tide is turning and people are waking up. We talk about conflict in the gray zone a lot, you know, areas other than outright physical war. But I think there are a lot of smart people working in Washington, D.C. right now. The former deputy secretary of defense, Bob Work, is really banging the drums here on artificial intelligence, and the way that we’re going to fight our battles in the future.
Because you know, war, as you said, is not going to look like what it previously looked like. We fought with tanks and guns and airplanes, but now, warfare of the future is going to be smarter instead of stronger. And those developments in technology are going to take place in the digital space. This has a vast implication for command and control, the speed of decision making – all different things that we really need to think about in terms of, you know, our digital projection of power.
And, you know, the blending of things that we think of specifically as defense-oriented or military-oriented are made extremely evident, as you said, by the Colonial Pipeline attack. Because you have these maybe even cybercriminals for hire, the for-profit actors that target places like critical services infrastructure, hospitals, things that rely on access to data to keep services running, to keep Americans healthy, and to keep our society on the right track. And this is pretty much every service now.
You look at the cyber incident against Health and Human Services in March 2020 right as the pandemic hit. That was on the state of ransomware attacks over the past two years against U.S. local governments, against more hospital systems. You saw the Florida-based incident, where a water treatment facility was remotely hacked and manipulated the chemical treatment levels very recently. So there’s sort of this blending of, you know, how we exist in our daily lives, and, you know, that is the attack and it can have geopolitical implications. And I do think that Americans who stand up and, you know, raise their right hand and join the military need to be increasingly aware of that. The battlefield is not just being fought on, you know, the battle space itself. The battle space has expanded, and that includes places that are attacked like our critical infrastructure, our hospital systems, and our gas pipelines. So the private sector also, as you mentioned, has a huge role to play here. They have to assume that they’re being targeted. They have to assume that maybe it’s not just for profit in this case, but there’s a blending of that strategic intent. And they have to have plans in place. The government has to work with the private sector to do this. I know it’s almost trite at this point, but it’s very important that they share information. And then they also need to be transparent about what happens as well. They need to be incentivized to provide incident reports of things like this happening to the public.
Trish Regan: Right. And sometimes they’re afraid. I mean, there’s a lot of companies that will just say OK, let me pay the ransom. But you know, you need to get the government involved in this stuff. And there’s probably plenty of companies that worry about their stock price and how it’s going to affect investor sentiment, et cetera. But it is a national security issue.
Let me ask you this. It feels like so many hackers are coming out of Russia. I mean, what is it about Russia? I spoke recently with a Russian friend who tried to explain that there was a language difference. That somehow the hacking was easier because of their facility with English versus American’s facility with Russian. Why are all the hackers seemingly Eastern European?
Kara Frederick: I mean, they know how to project power in the way that they can. They stick to their comparative advantage, and that is to get a group of people, you know, cleaning away in a closet. Let’s be honest, Americans are distracted. We have a lot of other things that we have to think about that we can enjoy. And Russia, Iran, North Korea, they have a very clear idea of what they want to do to their enemies. They have a very clear idea of who their enemies actually are.
And yes, we are in a competition with China. We are very much entangled in their supply chain, in our supply chain, and whatnot, and there’s a lot of symbiosis there. But at the same time, they know that we are competing.
Americans, they want to put their heads in the sand, or worse, turn inward on these domestic things that don’t really matter in the end. Like critical race theory all over in our schools. We are tearing each other apart for things that don’t actually matter where our enemies are, you know, every single day plotting our destruction. And I don’t think that’s hyperbolic. They just have a very clear-eye vision of how they want to exist for the next few years, and you know, in China’s case much longer. And they have a very long timeline of what they want to accomplish, and we’re too busy squabbling amongst ourselves over things that I don’t think are as important as some of these geopolitical threats that we’re continuing to face that we seem to have forgotten about because we’re too busy arguing about birthing people instead of mothers.
Trish Regan: The point being that Americans are obsessed with sort of trivial stuff. Right? It’s a luxury in some ways. But then you look at Russia, you look at Iran, you look at China, where they’re very, very focused on – by the way, make sure you follow Kara Frederick. She’s from the Heritage Foundation, @KaraaFrederick on Twitter.
Kara, so do the Russians contribute to that, though, or the Iranians or the Chinese or whoever wants to kind of help gin up this political discourse in the U.S.? Are they helping to feed that in some way so they keep us off kilter and unbalanced and just focused on trivial stuff while they work on the real stuff?
Kara Frederick: Yes. I mean, we have reports from office of the Director of National Intelligence. We have reports years back saying that Chinese influence operations, Russian influence operations, they’re looking to exploit the fissures in our culture.
Years ago, Russia was pumping information into Facebook that was trying to exploit the NFL kneeling controversy. You know, what does Russia care? They care insofar as they can sew that division amongst Americans themselves. So they are absolutely laughing when they see us tearing each other apart, at each other’s throats over, again, this trivial, you know, manipulation of language that the progressive Left is trying to propagate onto, you know, our entire society. So this plays right into their hands.
They’ve been trying to separate Americans, divide them. The only way that we are going to stop being, you know, the powerhouse that we’ve always been in the world since World War II is if we tear each other apart in which we’re divided amongst ourselves, if we destroy ourselves from the inside. And that has a massive national security component because our competitors, our enemies, are loving it and stoking it deliberately in the digital space. And this is going to continue as long as there’s plenty of fodder for it. And I think Americans need to be very explicit about guarding against foreign maligning influence operations.
Trish Regan: This is “divide and conquer,” right? This is just right from the playbook. But let me ask you this. At what point – like, you know, as a journalist I feel I have an obligation to talk about the topics that I’m concerned with. I mean, for me, it’s the economy. It’s national security. I look at the job scenario and the disaster report that we got last week, which to me is a product of poor policy, poor economic policy. But you know, by exposing that, you’re ginning up sort of this frustration with the current administration and therefore, even helping, you know, inadvertently to contribute to this division. Right?
Because I’m saying, what the heck are we doing? Giving out all this money for unemployment when we want people to go back to work. How are they ever going to go back to work? Just by saying that, and to me, that’s pointing out something that I think is pretty important from a policy perspective. I’m now running the risk on social media of having people furious with the administration, which by the way, I’m a big believer. I may not like this administration’s policies, but I’m a big believer in, you know, being a patriot first. And you respect and honor your president, period, because he – and maybe someday she – is the president of the United States.
But you know, you have to be able in a free society to express these concerns, Kara, and not worry that it’s going to completely destroy our country, divide and conquer, and you know, give ammunition to the Chinese.
Kara Frederick: Exactly. And here’s the thing. I think you can separate this into two buckets, right? You can look at American democracy. We’re a republic. It is messy. There is fake. There’s federalism. That’s important. There’s an independent judiciary. There’s the free press. There are all kinds of civil society actors that are getting in there with debate, and it’s just – it’s a heated process. That’s one bucket, and that should remain as such.
There should be a legitimate genuine marketplace of ideas where we’re allowed to, you know, bounce all of these things off each other. We’re allowed to get vociferous at times, obstreperous at others. We’re allowed to argue and fight. But that’s why we have that independent judiciary. That’s why we have representation which is different in the House of Representatives and the Senate. That is why we have our free press to air and amplify these things.
However, it’s very, very different when it comes to the second bucket, which is your foreign actors seeking to impress their will upon the United States, upon our democracy. What I don’t like is what I’m sort of seeing right now – this conflation of domestic extremists with our foreign enemies that are actually trying to hurt us. So we’re saying oh, because of conservatives, because of somebody’s grandmother posted something on Stop the Deal, they are now the enemy. They are the domestic terrorist.
That is very, very different from al-Qaida or ISIS, who are seeking to conduct an external operations attack against a facility in the United States, or you know, a state-sanctioned Russian hacker seeking to conduct a malware attack against a U.S. oil pipeline, gas pipeline. So it’s very, very different, and we need to be conscious of separating the two and not let them sort of blend into each other, which is a very troubling trend that I’m seeing with this administration.
So in sum, it’s great. Separate the two buckets. Let’s make sure democracy is still messy. That our republicans –
Trish Regan: What do you mean? Say that again.
Kara Frederick: You know, it’s talks of domestic extremism surveillance legislation in the hopper. Things that we are talking about, turning a big digital surveillance apparatus inward on citizens of the United States because we don’t like what they’re saying about election integrity. That to me is extremely troubling. We should take our big digital surveillance apparatus and use it to look at foreign terrorism, foreign maligning influence operators, such as the Chinese, the CCP, the Chinese Communist Party is seeking from the outside to take on the United States.
We should not be turning these tools inward on our population. It limits civil liberties. It hurts our ability to speak freely as a fractious people that we are as Americans. So we need to be careful that we stop blending those two buckets of yes, a messy democracy where we can call out bad policies, but also our foreign enemies that are actually trying to hurt us. We cannot blend the two. We have to keep them separate. Keep America free. Keep our republic fractious and messy, but at the same time, wreak havoc on our enemies when they try to hurt us.
Trish Regan: Very, very insightful points. Kara, thank you so much for joining us today. This has been a fascinating discussion and a lot of takeaways here, but scary, treacherous times indeed. Thank you, Kara.
Kara Frederick: Thanks, Trish.
Trish Regan: For more on the threat to our national grid and a possible, unthinkable EMP attack, I’m joined right now by John Rossomando. He’s a researcher for national defense issues at the Center for Security Policy. He’s also an interviewer at the National Interest. John, good to have you here.
John Rossomando: Thank you, Trish, for having me.
Trish Regan: Look I mean, I’ll just say that this news unfolded. It started of course, last weekend. We heard about the Colonial Pipeline attack. And a pipeline is one thing. We know that already you’re seeing gas lines all up and down the East Coast because people are worried and understandably so. Numerous gas stations are running out of fuel because this pipeline services 45% of the fuel that’s carried to the East Coast.
But I’ve done some reporting on the sort of EMP attack on our national grid, and it got me thinking. I mean, it’s one thing to have a pipeline go down and it’s awful, and there’s really no excuse for it. I hope that our Department of Defense is all over this. But what I’m really worried about is if they can do that to a pipeline, how protected is our grid, or not protected for that matter? I mean, that would be really, really catastrophic. The reports show 90% of Americans would die within a year as a result of an EMP attack. How confident are you that we’re doing what we need to protect that critical infrastructure?
John Rossomando: I think, Trish, that, you know, a nuclear EMP attack is relatively unlikely. But I think in the case of some sort of EMP attack, we need to be working at hardening our infrastructure to make them resistant. You know, throughout the Cold War, hardening our infrastructure was a primary civil defense goal of the U.S. government. I mean, going back to what they call the Starfish Prime test in 1962 where the U.S. Air Force detonated a nuclear weapon in space, and it caused a blackout in Honolulu.
I think that you know, more recently we’re seeing an increase in nuclear development on the part of China. The U.S. Strategic Command said last month that it’s no longer a question of whether or not we’re going to have it, but nuclear conflict is becoming more and more of a threat.
Trish Regan: I mean, I just worry because you think about the new kind of warfare. This is not conventional warfare, the environment that we’re in where rogue actors, small states that don’t like us, can really inflict some massive, massive damage in a way that they wouldn’t have been able to do in the past, right? Because you know, all you need is some really good hackers and some computer equipment, and suddenly you could take down a country the size of the U.S.
So I guess my question to you is what are we doing, if anything, to really protect ourselves?
John Rossomando: Well, I don’t know that we’re doing enough in terms of, you know, cyber defense and cyber capabilities. I’m more concerned about, you know, hack attacks from the People’s Republic of China, or from you know, Russia’s GRU, which is its military intelligence which, you know, shut down the gas pipelines through Ukraine a few years ago.
I think that this is something that is nation state versus nation state, and we need to start thinking about it in terms of war as opposed to, you know, just hacking.
Trish Regan: Yeah. You know, this is a kind of war crime when you engage in this kind of behavior. And to take it away from the grid for a second and go back to what just happened with Colonial Pipeline, I mean, this is really catastrophic for the East Coast. And as we’re seeing with these lines and you know, already some of the closures that have happened. We’ve no indication right now as to when Colonial will be back up and running. Perhaps this speaks to why do we have only one pipeline that’s servicing half of the East Coast? That’s another topic for another day.
But you know, it shows I guess the vulnerability and the dependence we have on infrastructure. And if you’re not matching that simultaneously with the same kind of security that you would need for such a critical asset, then we’ve got problems, don’t we?
John Rossomando: We do. I really personally in terms of media threats to the United States, you know, shutting everything down, I’m more concerned about a nation-state hack attack against U.S. infrastructure by the Chinese or by the Russians.
I think that ,you know, we really need to be looking at things like artificial intelligence. You know, countermeasures that can provide unbreakable codes and things like that. I mean, the biggest threat that we’re facing right now is that the Chinese are working with what they call clock computing, which you know, within a decade possibly can break through all of our safeguards and threats.
I think that we have no leadership. We have no – when looking at the possibilities, the way that you prevent possibilities from happening is by looking at all of the contingencies and blocking all of the possible chess moves by your opponent.
Trish Regan: Yeah. I mean, one of my questions was – and I was asking a previous guest, Kara Frederick from the Heritage Foundation, about this. You look around the world and it seems like all these hackers are coming out of Eastern Europe. What is it about Eastern Europe, what is it about Russia, that seems to be cultivating and growing these groups of folks versus the U.S.? I mean, I don’t hear about the U.S. hackers going after you know, something over in Iran.
John Rossomando: Well, we’re more interested in fighting fair. We’re stuck in you know, mid-20th century warfare paradigms. The Russians and the Chinese have adopted a strategy of unrestricted warfare, and that includes cyber warfare. And you know, it’s a cheap way for them to get at us in the business they call gray zone warfare. It’s kind of like where you push out to the edge without committing to firing tank shells, or using nuclear weapons. It’s just a cheap way to attack your enemy. And you know, the Russians under Vladimir Putin view the United States as their ____ enemy, and we’re looking at the world through an outdated prism.
Trish Regan: Here’s a question. I mean, why don’t we – they’re hiding potentially behind these rogue actors, right? Oh no! You know, we can’t control them. But if you’re allowing them to, you know, stay and live and thrive there, then you probably do have somewhat of a hand in it, and I think Joe Biden has made that point – that you know, if in fact they’re harboring these hackers, then they have a role in it.
I’m just wondering, and I’m not entirely tit for tat, but I mean if we wanted to do some damage, I would think hopefully we could. Why is it that they’re always the ones poking us, and we’re not doing anything back?
John Rossomando: I just think that, you know, we have people like former Vice Chairman of the Joint Chiefs of Staff Admiral Sandy Winnefeld who says we should be doing it. But I don’t think that our – you know, Americans like playing nice. They like being the nice guy.
I mean, what I think we need to be doing is taking Admiral Winnefeld’s suggestion to remove the ability for China, Russia, Iran, North Korea to control their populations by, you know – in China, take down the great fire wall that shields them from the war crimes committed by, you know, their people against the weaker.
And Russia, I mean I think we should be doing similar things to the Russians – taking out their infrastructure. I mean, the Russian economy is a fraction of ours, or the Chinese. So you know, they can ill afford having a shutdown on their oil supply. I think we should because China, I mean Russia, is basically a gas station. They don’t have much else in terms of infrastructure, and they rely a lot on the Chinese, especially since the invasion of Crimea for resources. I think that we should be doing to them what they’re doing to us.
Trish Regan: Well, John Rossomando. Thank you so much. This has been such an interesting conversation. And look, I think that there’s a lot that we probably will need to do in the coming years, but I hope it’s not too little, too late.
Thank you so much for joining us. Good to have you here today.
John Rossomando: Thank you, Trish.
Trish Regan: A reminder. Make sure you go to americanconsequences.com. You can get my article that I did. Actually I did another one just this week on the threat of an EMP disaster, and you can read the one that I did back in October as well. It’s all at americanconsequences.com. So go there, read the materials. You will be smarter because of it. Thank you so much for listening. I’ll see you right back here next week.