U.S. Response to Cyberattacks? It Must Be More Than Just Biden’s “Off Limits” List

Contact Your Elected Officials

KEY TAKEAWAYS

  1. The president said he handed over a list of 16 areas of critical infrastructure.
  2. Secretary of Defense Lloyd Austin was recently asked whether there’s a definition of what constitutes a cyberattack on the U.S. He struggled to answer.
  3. The Biden administration cannot rely on simply handing over a “do not attack” list to Putin and hoping for things to get better.

President Joe Biden and Russian President Vladimir Putin held a mid-June summit in Geneva, after which Biden told reporters, “I talked about the proposition that certain critical infrastructure should be off-limits to attack, period—by cyber or any other means.”

The president said he handed over a list of 16 areas of critical infrastructure that are broadly defined currently by the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency.

Leading up to the July Fourth weekend, news broke that Kaseya, an information technology management software provider, had suffered a massive software supply chain ransomware attack that has spanned the globe, affecting businesses, grocery store chains, schools, and more everywhere, from the U.S. to Germany to New Zealand.

Kaseya said that “critical infrastructure” has not been affected by the attack. About 50 of its customers have been hit, leading to downstream effects of 800 to 1,500 “local and small businesses” hurt by the ransomware attack.

However, Kaseya could be considered one of those 16 critical infrastructure sectors as “infrastructure technology.” The FBI continues to investigate the broader set of victims of this attack, so it may be some time before we know its full impact, which could be more extensive than current reporting.

REvil, a Russian-based ransomware-as-a-service group that carried out previous high-profile attacks, such as against JBS meatpacking, has claimed responsibility for the ransom and has demanded $70 million in bitcoin cryptocurrency while claiming to have affected more than “a million” systems.

With the onslaught of ever-growing cyberattacks, Biden’s approach to cyber diplomacy is on shaky ground.

“We agreed to task experts in both our countries to work on specific understandings about what’s off-limits [for hacking] and to follow up on specific cases that originate in … either of our countries,” he said, shortly after his summit with Putin. White House press secretary Jen Psaki stated that “expert level” discussions are ongoing with a session on ransomware set for next week.

One can have a differing opinion on the severity of these various cyberattacks or crimes, and whether or not they are state-backed, but the fact remains that they are increasingly affecting everyday Americans.

Businesses, hospitals, schools, and other entities in the U.S. and elsewhere may not be deemed “critical infrastructure,” but ransomware attacks against them have a significant impact economically and personally to individuals and organizations.

For example, a recent ransomware attack against Ireland’s hospital networks has led to weeks of disruptions of hospital information technology functions that have affected scheduling capabilities for blood tests and diagnostics.

Secretary of Defense Lloyd Austin was recently asked whether there’s a definition of what constitutes a cyberattack on the U.S. He struggled to answer an important question that our country must be ready to answer and outline to our foes in this new battlefront.

Former Director of National Intelligence John Ratcliffe noted that the U.S. needs to attribute these attacks and either overtly or covertly retaliate against those responsible, thereby creating deterrence for the future.

If the response is against Russian cybercriminals directly, the Putin regime should be put on notice that the U.S. means business when it comes to protecting our digital assets, “critical” or otherwise.

It’s well-known that the Russian government turns a blind eye to various cybercriminals originating from its turf. At times, cybercriminals have a tangential connection to Russian intelligence or military assets.  

The Trump administration reportedly relaxed the bureaucratic decision-making process on utilizing America’s offensive cybercapabilities, and it would behoove the Biden administration to continue those efforts and expeditiously structure forward-leaning response measures to these cyber and ransomware attacks.

We have now seen in the past seven months a massive software supply chain cyberespionage campaign in SolarWinds conducted by Russian intelligence, a global-scale cyberattack by the Chinese state-sponsored group Hafnium, and an array of ransomware attacks that have picked up in recent years, including the DarkSide Russian criminal attack on the Colonial Pipeline and REvil’s $12 million ransom of JBS.

Fundamental changes to the U.S. cyberdefense posture via a recent executive order, the Cyberspace Solarium Commission legislative recommendations, and congressional efforts for further government-private sector information-sharing and breach-reporting practices are currently in the pipeline.

At some point, however, the U.S. must grapple with a mixed-use offensive and diplomatic framework to tackle nation-state and state-backed cyberattacks and espionage campaigns.

The Biden administration cannot rely on simply handing over a “do not attack” list to Putin and hoping for things to get better.

We should be telling the RussianChinese, Iranian, and North Korean governments that there will be no tolerance for state-backed cyberattacks and that willful ignorance of cyber actions against the United States will be cause for significant response. Finally, we should coordinate with allied partners around the globe—who face the same onslaught of those attacks—to join us in these efforts.

By Dustin Carmack

Dustin is a Research Fellow in Technology Policy at The Heritage Foundation.

Read Original Article on Heritage.org

The Heritage Foundation
The Heritage Foundationhttps://www.heritage.org/
The Heritage Foundation formulates and promotes public policies based on free enterprise, limited government, individual freedom, traditional values, and strong national defense.

Peace In Ukraine Won’t End The West’s Hybrid War On Russia

The West’s Hybrid War on Russia to follow peace in Ukraine is inevitable due to neoconservatives and liberal-globalists in its decision-making ecosystem.

Was Texas Storm Manmade?

Another “1-in-100 years” weather event in Kerr County happened next to a Texas designated “Weather Modification Map of Rain-Enhancement Projects in Texas”.

The America Party Will Harm Democrats The Most

Elon Musk formed the America Party after an X poll asking his followers if they wanted “independence from the two-party system!

Democrats Exhibit the Dunning-Kruger Effect (DKE)

“The Dunning-Kruger effect is a cognitive bias where people with low ability at a task overestimate their competence, while those with high ability underestimate their competence.

250 Countdown

Those 56 intrepid men who signed put their very lives, honor and fortunes on the line. There was no auto-quill to accommodate their signatures. 

Supreme Court Clears Way for Mass Federal Layoffs

The Supreme Court lifted a lower court order that prevented the Trump admin from carrying out job cuts en masse and restructuring federal agencies.

Doctor Groups Sue RFK Jr. Over Altered COVID-19 Vaccine Recommendations

Health Sec. RFK, Jr.’s decision to remove recommendations that healthy children and pregnant women receive COVID-19 vaccines was illegal, lawsuit alleges.

Los Angeles Mayor Confronts Federal Immigration Officers at MacArthur Park

After decrying federal immigration enforcement operations in Los Angeles, Mayor Karen Bass confronted ICE officers as they gathered at a city park.

What We Know About Victims of Texas Floods

The death toll from a series of devastating Texas floods over the July 4 weekend has risen to more than 100 people, many of whom are children.

Top Trump Officials to Hold Trade Talks With China in August

The Trump administration’s top trade negotiators are set to meet with Chinese officials in early August, Commerce Secretary Howard Lutnick said.

Trump, Netanyahu Meet for 2nd Consecutive Day at White House to Discuss Gaza

U.S. President Donald Trump is hosting Israeli Prime Minister Benjamin Netanyahu at the White House on July 8 for a second consecutive day.

Trump Extends Federal Hiring Freeze Until October

Trump issued memo extending federal hiring freeze until Oct. 15, maintaining exemptions for positions related to the armed forces and public safety.

US to Send More Defensive Weapons to Ukraine

The Pentagon is sending more defensive weapons to Ukraine amid the Eastern European country’s ongoing war with Russia.
spot_img

Related Articles