Retired Gen. Keith Alexander, former director of the National Security Agency and the first commander of the United States Cyber Command, joined ABC News’ Martha Raddatz on Sunday to discuss a recent sharp increase in Russian and Chinese cyberattacks against U.S. targets.
Calling the recent spate of cyberattacks “more blatant than I’ve seen in my career,” Alexander cited an attack reported last week against the U.S. Agency for International Development, last year’s attack on the Texas-based SolarWinds technology firm that ended up affecting thousands of the firm’s clients — including federal government agencies — and the mid-May hack on the Colonial Pipeline that disrupted gasoline supplies in the Southeast.
President Joe Biden openly attributed the recent Colonial Pipeline ransomware attack to a hacker group called DarkSide, which operates out of Russia. Alexander, who started his Army career at West Point, said he thinks DarkSide is connected “somehow” with the Russian government.
“And they’re going after our intelligence system and they’re saying, ‘Look, we don’t care. We’re going to keep doing this. We’ll deny it publicly, and we’re going to keep doing it,'” Alexander told Raddatz.
“Both Russia and China are challenging us in this space, and it’s shown that we’re not ready,” Alexander said.
Raddatz acknowledged that these cyberattacks have “expose[d] our vulnerabilities” and asked Alexander what could be done to stop it.
Alexander referred to an executive order President Joe Biden signed on May 12 after the ransomware attack on Colonial Pipeline had shut down the flow of petroleum between Texas and New York affecting much of the East Coast. The order was intended to strengthen U.S. defenses against future cyberattacks and called for cooperation between the government and the private sector to accomplish that.
Alexander liked the idea of a “public/private partnership.” He explained, “We have to build this solution together. The government can’t do it by itself. You see, most of the attacks are going against the commercial sector. The government can’t see them. We need to create a radar picture between the public and private sector that shows attacks in time to prevent them, not talk about them after the breach, but prevent the attacks.
“So we need to work this together as a team,” he said. “This is part of our future, and we’ve got to get good at it, and we’ve got to do it quickly.”
Naturally, it’s not the civilian world that’s the hold-up.
“My experience, the private sector is ready. They’re pushing forward,” Alexander told Raddatz. “So this is where Congress and the administration, the government and the private sector can really help fix this problem. And we need to do it.”
Biden is scheduled to meet with Russian President Vladimir Putin in Geneva next month. Alexander said that might be another reason for the uptick in cyberattacks. “
“The Russian hackers are clearly after gaining intelligence on our country, on what the administration is doing, what President Biden is thinking and what’s coming up against Russia as they prepare for the upcoming talks between President Biden and Putin.” Alexander said.
On Thursday, Homeland Security Secretary Alejandro Mayorkas and the Transportation Security Administration announced a set of new requirements that pipeline operators must follow forward. The protocol is detailed on the DHS website.
The statement read: “The cybersecurity landscape is constantly evolving and we must adapt to address new and emerging threats. The recent ransomware attack on a major petroleum pipeline demonstrates that the cybersecurity of pipeline systems is critical to our homeland security. DHS will continue to work closely with our private sector partners to support their operations and increase the resilience of our nation’s critical infrastructure.”
“Critical pipeline owners and operators” will be required “to report confirmed and potential cybersecurity incidents to the DHS Cybersecurity and Infrastructure Security Agency (CISA).” Companies must also “designate a Cybersecurity Coordinator, to be available 24 hours a day, seven days a week.”
The world is becoming a more dangerous place. Foreign cyberattacks are happening with greater frequency. In December, Russian hackers were able to breach networks inside the Treasury and the Commerce departments.
In March, a Chinese hacking group with ties to the Chinese Communist Party managed to penetrate the Microsoft Exchange Server. And in May, a Russian group was able to shut down a major oil pipeline, forcing a company to pay a multi-million ransom.
If Alexander is correct, our enemies have surpassed us and the U.S. has some lost ground to make up for.
In their zeal to gain power over their domestic adversaries, Trump supporters, the Biden administration appears to have forgotten about their foreign enemies.
Reality is calling.
Truth and Accuracy
We are committed to truth and accuracy in all of our journalism. Read our editorial standards.