The cyberattack on the Colonial Pipeline exposed America’s vulnerable energy infrastructure. But the hackers are only one part of the problem. There are numerous laws on the books in America that exaggerate the damage caused by pipeline failures, but not all the fault lies in this country.
Other countries willing to turn a blind eye to cyber criminals within their borders also have some culpability for the actions of those criminals. Patrick Howell O’Neill, in the MIT Technology Review, examines Russia’s relationship with the hackers who attacked the Colonial Pipeline, and how America could respond. He writes:
Under international law, states have a responsibility not to knowingly allow their territory to be used for international crime. This most often happens in piracy, but it also applies to terrorism and organized crime. Global agreements mean that governments are obligated to shut down such criminal activity or, if they lack capability, to get assistance to do so.
Russia, however, has been known to protect criminal hackers and even co-opt them to undertake attacks on its behalf. More often, it simply tolerates and ignores the crooks as long as the country itself is not affected. That means hackers will routinely skip any computer using the Russian language, for instance, in an implicit admission of how the game is played.
Meanwhile, the Kremlin routinely strongly resists international efforts to bring the hackers to heel, simply throwing accusations back at the rest of the world—refusing to acknowledge that a problem exists, and declining to help.
On May 11, for example, shortly after Biden’s statement, Kremlin spokesman Dmitry Peskov publicly denied Russian involvement. Instead, he criticized the United States for “refusing to cooperate with us in any way to counter cyber-threats.”
The calculus for Russia is difficult to measure clearly but a few variables are striking: ransomware attacks destabilize Moscow’s adversaries, and transfer wealth to Moscow’s friends—all without much in the way of negative consequences.
Now observers are wondering if high-profile incidents like the pipeline shutdown will change the math.
“The question for the US and the West is, ‘How much are you willing to do to the Russians if they’re going to be uncooperative?’” says James Lewis, a cybersecurity expert at the Center for Strategic and International Studies. “What the West has been unwilling to do is take forceful action against Russia. How do you impose consequences when people ignore agreed-upon international norms?”
“I do think that we need to put pressure on Russia to start dealing with the cybercriminals,” Alperovitch argues. “Not just the ones directly responsible for Colonial, but the whole slew of groups that have been conducting ransomware attacks, financial fraud, and the like for two decades. Not only has Russia not done that: they’ve strenuously objected when we demand arrests of individuals and provided full evidence to the Russian law enforcement. They’ve done nothing. They’ve been completely obstructionist at the least, not helping in investigations, not conducting arrests, not holding people accountable. At a minimum, we need to demand them to take action.”
There are numerous examples of cybercriminals being deeply entangled with Russian intelligence. The enormous 2014 hack against Yahoo resulted in charges against Russian intelligence officers and cybercriminal conspirators. The hacker Evgeniy Bogachev, once the world’s most prolific bank hacker, has been linked to Russian espionage. And on the rare occasions when hackers are arrested and extradited, Russia accuses the US of “kidnapping” its citizens. The Americans counter that the Kremlin is protecting its own criminals by preventing investigation and arrest.
Bogachev, for example, has been charged by the US for creating a criminal hacking network responsible for stealing hundreds of millions of dollars through bank hacks. His current location in a resort town in southern Russia is no secret, least of all to the Russian authorities who at first cooperated with the American-led investigation against him but ultimately reneged on the deal. Like many of his contemporaries, he’s out of reach because of Moscow’s protection.
To be clear: there is no evidence that Moscow directed the Colonial Pipeline hack. What security and intelligence experts argue is that the Russian government’s long-standing tolerance of—and occasional direct relationship with—cybercriminals is at the heart of the ransomware crisis. Allowing a criminal economy to grow unchecked makes it virtually inevitable that critical infrastructure targets like hospitals and pipelines will be hit. But the reward is high and the risk so far is low, so the problem grows.
What are the options?
Just days before the pipeline was hacked, a landmark report, “Combating Ransomware,” was published by the Institute for Security and Technology. Assembled by a special task force comprising government, academia, and representatives of American technology industry’s biggest companies, it was one of the most comprehensive works ever produced about the problem. Its chief recommendation was to build a coordinated process to prioritize ransomware defense across the whole US government; the next stage, it argued, would require a truly international effort to fight the multibillion-dollar ransomware problem.
There are many options available to America in responding to this attack. The first should be to better educate Americans about the vulnerabilities they face, and about the steps they can take to protect themselves, like having some extra gasoline on hand at home, or water storage, a satellite phone, or a generator. The same preparation that could save you from a cyberattack can help you face an EMP attack, or even a localized pipeline outage.
Action Line: Get yourself and your family prepared, because no one else is going to do it for you.
Originally posted on Your Survival Guy.