Skip to content
Former CISA chief says Biden’s cybersecurity order a ‘radical game change’


Christopher Krebs, former director of the Department of Homeland Security’s Cyber ​​and Infrastructure Security Agency, praised the Biden administration for taking action to tackle cybersecurity threats. Krebs spoke to CBS News Washington chief correspondent Major Garrett for this week’s episode of “The Takeout” podcast.

President Biden signed an executive order on Wednesday aimed at strengthening the federal government’s cybersecurity defenses by asking the Commerce Department to write new standards for software companies supplying the federal government. Krebs called the action a “dramatic game changer” that showed Mr. Biden’s “committed leadership vision” for prioritizing cybersecurity issues.


Highlights from this week’s episode:

  • Christopher Krebs on Biden’s decree: “This dramatically increases the security expectations of software products sold to the federal government.”
  • Presidential and Congress action on cybersecurity: “You need both.”
  • Ransomware attacks: “Ransomware is a really, really profitable business these days.”
  • Need for companies to take measures to secure their software: “Everyone can do better. The threats are so diverse right now.”

“This dramatically increases the security expectations of software products sold to the federal government,” Krebs said, explaining that it would have a “cascading effect” for products sold to ordinary US customers.

Krebs praised Mr Biden for “abandoning the traditional approach” to cybersecurity, but said Congress must also act to strengthen the country’s cyber infrastructure. Krebs previously asked Mr Biden to incorporate this into his $ 2.3 trillion infrastructure proposal.

“You need both,” Krebs said, meaning presidential and congressional action.

Krebs also responded to the ransomware attack on Colonial Pipeline, after the company announced wednesday that it began restarting pipeline operations after a cyber attack forced the company to take some of its systems offline last Friday.

“Ransomware is a really, really profitable business these days,” Krebs noted.

The company, which operates a major energy pipeline, first announced the hack a week ago, also quickly revealed that “this incident involves ransomware.” Several sources told CBS News on Thursday that Colonial Pipeline paid a ransom to hackers who infiltrated its computer network. The money was paid off shortly after computer systems started shutting down late last week.

The FBI said on Monday that the attack was the work of a criminal gang known as DarkSide, an operation that Krebs said was primarily made up of Russian individuals, many of whom were in their teens or in their early twenties. . Colonial Pipeline said an outside security company was investigating the incident.

Krebs said DarkSide not only holds data for ransom, but also exfiltrates it, calling the operation “fifth dimensional chess here from a criminal standpoint.”

Mr. Biden said Thursday that there is no evidence that the Russian government was involved in the ransomware attack on Colonial Pipeline, although US intelligence suggests the hackers live in Russia. Krebs said he was “struggling to see how it would be possible” for DarkSide to operate without Russian national intelligence being aware of their actions.

“There are earlier examples of ransomware teams coordinating and collaborating with Russian intelligence,” Krebs said.

The decision to take the company’s systems offline led to long lines in some states this week, as gasoline prices in some areas hit an almost seven-year high and gas stations many states were plagued by long lines and many were low on gasoline. The 5,500-mile pipeline provides approximately 45% of the East Coast’s fuel.

Krebs also discussed the SolarWinds hack last year, an intrusion that initially gave cybercriminals access to 18,000 government and private computer networks, although a much smaller number were actual targets of espionage. The National Security Agency, FBI and CISA officially attributed the attack to Russia, saying the country’s Foreign Intelligence Service, or SVR, led the intrusions. The Biden administration recently issued sanctions against Russia partly in response to the SolarWinds intrusion.

Krebs, whose cybersecurity consultancy works with SolarWinds, said “there are a lot of lessons learned that anyone can learn” from the intrusion.

“Anyone can do better. The threats are so diverse right now,” Krebs said. He added that many companies need to improve their “corporate citizenship” by increasing their cybersecurity practices.

Krebs was sacked by former President Trump in November after continuing to refute the president’s false claims that the election was stolen from him.

To learn more about Major’s conversation with Krebs, download the “The Takeout” podcast on Art19, iTunes, Spotify, Google Podcasts, and Stitcher. New episodes are available every Friday morning. Additionally, you can watch “The Takeout” on CBSN on Fridays at 5 p.m., 9 p.m. and 12 p.m. ET and Saturdays at 1 p.m., 9 p.m. and 12 p.m. ET. For a full archive of “The Takeout” episodes, visit www.takeoutpodcast.com. And you can listen to “The Takeout” on select CBS News Radio affiliates (check your local listings).
Producers: Arden Farhi, Jamie Benson, Jacob Rosen, Sara Cook and Eleanor Watson

CBSN production: Eric Soussanin, Julia Boccagno and Grace Segers
View Email: TakeoutPodcast@cbsnews.com
Twitter: @TakeoutPodcast
Instagram: @TakeoutPodcast
Facebook: Facebook.com/TakeoutPodcast

.



Source link