U.S. Response to Cyberattacks? It Must Be More Than Just Biden’s “Off Limits” List

Contact Your Elected Officials

KEY TAKEAWAYS

  1. The president said he handed over a list of 16 areas of critical infrastructure.
  2. Secretary of Defense Lloyd Austin was recently asked whether there’s a definition of what constitutes a cyberattack on the U.S. He struggled to answer.
  3. The Biden administration cannot rely on simply handing over a “do not attack” list to Putin and hoping for things to get better.

President Joe Biden and Russian President Vladimir Putin held a mid-June summit in Geneva, after which Biden told reporters, “I talked about the proposition that certain critical infrastructure should be off-limits to attack, period—by cyber or any other means.”

The president said he handed over a list of 16 areas of critical infrastructure that are broadly defined currently by the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency.

Leading up to the July Fourth weekend, news broke that Kaseya, an information technology management software provider, had suffered a massive software supply chain ransomware attack that has spanned the globe, affecting businesses, grocery store chains, schools, and more everywhere, from the U.S. to Germany to New Zealand.

Kaseya said that “critical infrastructure” has not been affected by the attack. About 50 of its customers have been hit, leading to downstream effects of 800 to 1,500 “local and small businesses” hurt by the ransomware attack.

However, Kaseya could be considered one of those 16 critical infrastructure sectors as “infrastructure technology.” The FBI continues to investigate the broader set of victims of this attack, so it may be some time before we know its full impact, which could be more extensive than current reporting.

REvil, a Russian-based ransomware-as-a-service group that carried out previous high-profile attacks, such as against JBS meatpacking, has claimed responsibility for the ransom and has demanded $70 million in bitcoin cryptocurrency while claiming to have affected more than “a million” systems.

With the onslaught of ever-growing cyberattacks, Biden’s approach to cyber diplomacy is on shaky ground.

“We agreed to task experts in both our countries to work on specific understandings about what’s off-limits [for hacking] and to follow up on specific cases that originate in … either of our countries,” he said, shortly after his summit with Putin. White House press secretary Jen Psaki stated that “expert level” discussions are ongoing with a session on ransomware set for next week.

One can have a differing opinion on the severity of these various cyberattacks or crimes, and whether or not they are state-backed, but the fact remains that they are increasingly affecting everyday Americans.

Businesses, hospitals, schools, and other entities in the U.S. and elsewhere may not be deemed “critical infrastructure,” but ransomware attacks against them have a significant impact economically and personally to individuals and organizations.

For example, a recent ransomware attack against Ireland’s hospital networks has led to weeks of disruptions of hospital information technology functions that have affected scheduling capabilities for blood tests and diagnostics.

Secretary of Defense Lloyd Austin was recently asked whether there’s a definition of what constitutes a cyberattack on the U.S. He struggled to answer an important question that our country must be ready to answer and outline to our foes in this new battlefront.

Former Director of National Intelligence John Ratcliffe noted that the U.S. needs to attribute these attacks and either overtly or covertly retaliate against those responsible, thereby creating deterrence for the future.

If the response is against Russian cybercriminals directly, the Putin regime should be put on notice that the U.S. means business when it comes to protecting our digital assets, “critical” or otherwise.

It’s well-known that the Russian government turns a blind eye to various cybercriminals originating from its turf. At times, cybercriminals have a tangential connection to Russian intelligence or military assets.  

The Trump administration reportedly relaxed the bureaucratic decision-making process on utilizing America’s offensive cybercapabilities, and it would behoove the Biden administration to continue those efforts and expeditiously structure forward-leaning response measures to these cyber and ransomware attacks.

We have now seen in the past seven months a massive software supply chain cyberespionage campaign in SolarWinds conducted by Russian intelligence, a global-scale cyberattack by the Chinese state-sponsored group Hafnium, and an array of ransomware attacks that have picked up in recent years, including the DarkSide Russian criminal attack on the Colonial Pipeline and REvil’s $12 million ransom of JBS.

Fundamental changes to the U.S. cyberdefense posture via a recent executive order, the Cyberspace Solarium Commission legislative recommendations, and congressional efforts for further government-private sector information-sharing and breach-reporting practices are currently in the pipeline.

At some point, however, the U.S. must grapple with a mixed-use offensive and diplomatic framework to tackle nation-state and state-backed cyberattacks and espionage campaigns.

The Biden administration cannot rely on simply handing over a “do not attack” list to Putin and hoping for things to get better.

We should be telling the RussianChinese, Iranian, and North Korean governments that there will be no tolerance for state-backed cyberattacks and that willful ignorance of cyber actions against the United States will be cause for significant response. Finally, we should coordinate with allied partners around the globe—who face the same onslaught of those attacks—to join us in these efforts.

By Dustin Carmack

Dustin is a Research Fellow in Technology Policy at The Heritage Foundation.

Read Original Article on Heritage.org

The Heritage Foundation
The Heritage Foundationhttps://www.heritage.org/
The Heritage Foundation formulates and promotes public policies based on free enterprise, limited government, individual freedom, traditional values, and strong national defense.

Charlie Kirk Assassin Spotted Before Shooting!

Charlie Kirk incident mirrors Trump attempt: shooter spotted on rooftop beforehand, echoing July attack’s circumstances.

In Defense of Radical, Real Ukrainian Sovereignty

My view on the deadliest war in modern history...

Is the Left Trying to Start a Race War?

The murder of Ukrainian immigrant Iryna Zarutska aboard a North Carolina train, caught on video, sparks outrage and claims of internal threats escalating.

Canada Forces Man to Remove Cameras From Private Property Amid Anti-Racism Push

Government expands its surveillance powers, while restricting citizens from monitoring their own property, citing concerns over “racism.”

Are the E. Jean Carroll Lawsuits a RICO Case?

Trump lost his appeal in the E. Jean Carroll cases, leaving him liable for $83.3M. He plans to take the matter to the U.S. Supreme Court.

Charlie Kirk Assassinated at Utah Event

Conservative influencer Charlie Kirk was shot during an event in Utah on Sept. 10, and he has died.

Charlie Kirk Shot and Has Died

Turning Point USA's Charlie Kirk was shot in the neck at an event at Utah Valley University in Orem and he has died according to his family.

Witnesses Recount Scene of Charlie Kirk Assassination

Conservative political activist Charlie Kirk was assassinated on Sept. 10, while speaking in front of a large crowd as part of a campus speaking tour.

Bipartisan Political Leaders Condemn Shooting of Charlie Kirk

U.S. leaders condemned the Sept. 10 shooting of conservative commentator Charlie Kirk at Utah Valley University, calling for unity and a thorough investigation.

Trump Signs Memo Targeting Direct-to-Consumer Pharmaceutical Advertising

President Trump signed a memo to ensure drug ads give fair, balanced, and complete information to protect and inform American consumers.

Trump Runs out of Patience With China, Sharpens His Words

President Donald Trump’s recent remarks targeting China and its allies mark a noticeable shift in tone.

Trump Signs Order Renaming Department of Defense as Department of War

President Donald Trump on Sept. 5 signed an executive order renaming the Department of Defense as the Department of War.

Trump Signs Executive Order Targeting Countries That Unlawfully Detain Americans

President Trump signed an EO on targeting the unlawful detention of American citizens around the world and to facilitate the release of hostages.
spot_img

Related Articles

Popular Categories

MAGA Business Central