Opinion: Cybergangs need to be treated as threat they are
Last updated 5/25/2021 at 4pm
“Wake-up call” is perhaps one of the most over-used phrases in the English language. And one of the most ignored. The recent shutdown of the Colonial Pipeline because of hackers, apparently a criminal gang working out of Russia, is a case in point.
The pipeline stretches from Texas to New Jersey and transports half the fuel consumed on the East Coast. When the pipeline was shut down, panic buying ensued with long lines and gas shortages. Hundreds of stations ran out of fuel. The company that operates the pipeline paid roughly $5 million to the hackers before it could start to restore operations, according to The New York Times. So yes, we do negotiate with terrorists.
This was hardly the first “wake-up call.” The Department of Homeland Security warned in February 2020 that a cyberattack had forced a natural gas compression facility to close for two days. In 2018, multiple U.S. natural gas pipeline operators were hit by an attack on their communications systems.
Forbes reports that in one 48-month period 1,131 actual attacks occurred in the energy sector and 159 were successful, according to the Energy Department’s Joint Cybersecurity Coordination Center.
And think what would happen if there was a widespread shutdown of the electric grid. Civil unrest would be likely within a few days.
“The ransomware attack on the Colonial Pipeline in the U.S. shows the critical importance of cyber resilience in efforts to ensure secure energy supplies,” Fatih Birol, head of the International Energy Agency, said on Twitter. “This is becoming ever more urgent as the role of digital technologies in our energy systems increases.” The remarks were reported by CNN’s “Before the Bell.”
The response to this “wake-up call?” President Joe Biden issued an executive order, establishing standards for software purchased by federal agencies, admonishing the private sector to do more, and telling it to partner with the federal government to “foster a more secure cyberspace.”
Meanwhile, his $2 trillion infrastructure package doesn’t mention cyber security investment. It includes plenty of non-infrastructure items, but those allocations don’t keep fuel flowing and the lights on.
And don’t look to Senate Republicans. Their infrastructure counter proposal doesn’t mention cybersecurity either.
This is a significant failure on both sides of the political aisle — one that puts this nation at risk.
The damage to the American economy would be monumental if the electric grid was knocked out for an extended period. The Russians know that. So do the North Koreans, the Iranians and the Chinese. Criminal cybergangs operating out of nation states are a huge threat.
The Biden administration and Congress should treat it as such. We’ve just had one more “wake-up call.” We are on notice.
— Albuquerque Journal