Logo

American Security Council Foundation

Back to main site

Alan W. Dowd is a Senior Fellow with the American Security Council Foundation, where he writes on the full range of topics relating to national defense, foreign policy and international security. Dowd’s commentaries and essays have appeared in Policy Review, Parameters, Military Officer, The American Legion Magazine, The Journal of Diplomacy and International Relations, The Claremont Review of Books, World Politics Review, The Wall Street Journal Europe, The Jerusalem Post, The Financial Times Deutschland, The Washington Times, The Baltimore Sun, The Washington Examiner, The Detroit News, The Sacramento Bee, The Vancouver Sun, The National Post, The Landing Zone, Current, The World & I, The American Enterprise, Fraser Forum, American Outlook, The American and the online editions of Weekly Standard, National Review and American Interest. Beyond his work in opinion journalism, Dowd has served as an adjunct professor and university lecturer; congressional aide; and administrator, researcher and writer at leading think tanks, including the Hudson Institute, Sagamore Institute and Fraser Institute. An award-winning writer, Dowd has been interviewed by Fox News Channel, Cox News Service, The Washington Times, The National Post, the Australian Broadcasting Corporation and numerous radio programs across North America. In addition, his work has been quoted by and/or reprinted in The Guardian, CBS News, BBC News and the Council on Foreign Relations. Dowd holds degrees from Butler University and Indiana University. Follow him at twitter.com/alanwdowd.

ASCF News

Scott Tilley is a Senior Fellow at the American Security Council Foundation, where he writes the “Technical Power” column, focusing on the societal and national security implications of advanced technology in cybersecurity, space, and foreign relations.

He is an emeritus professor at the Florida Institute of Technology. Previously, he was with the University of California, Riverside, Carnegie Mellon University’s Software Engineering Institute, and IBM. His research and teaching were in the areas of computer science, software & systems engineering, educational technology, the design of communication, and business information systems.

He is president and founder of the Center for Technology & Society, president and co-founder of Big Data Florida, past president of INCOSE Space Coast, and a Space Coast Writers’ Guild Fellow.

He has authored over 150 academic papers and has published 28 books (technical and non-technical), most recently Systems Analysis & Design (Cengage, 2020), SPACE (Anthology Alliance, 2019), and Technical Justice (CTS Press, 2019). He wrote the “Technology Today” column for FLORIDA TODAY from 2010 to 2018.

He is a popular public speaker, having delivered numerous keynote presentations and “Tech Talks” for a general audience. Recent examples include the role of big data in the space program, a four-part series on machine learning, and a four-part series on fake news.

He holds a Ph.D. in computer science from the University of Victoria (1995).

Contact him at stilley@cts.today.

Latest Hack to Test Biden's Vow for Consequences for Russia

Thursday, July 8, 2021

Categories: ASCF News Cyber Security

Comments: 0

Source: https://www.usnews.com/news/politics/articles/2021-07-07/latest-hack-to-test-bidens-vow-for-consequences-for-russia

By AAMER MADHANI and ERIC TUCKER, Associated Press

President Joe Biden delivers remarks on infrastructure spending at McHenry County College, Wednesday, July 7, 2021, in Crystal Lake, Ill. (AP Photo/Evan Vucci) THE ASSOCIATED PRESS

WASHINGTON (AP) — President Joe Biden said Wednesday he would “deliver” a message to Russian President Vladimir Putin about the latest ransomware attacks targeting American businesses, setting up a test of Biden's ability to balance his pledge to respond firmly to cyber breaches with his goal of developing a stable relationship with Russia.

The administration faces few easy options for a ransomware threat that in recent months has emerged as a major national security challenge, with attacks from Russia-based gangs that have targeted vital infrastructure and extorted multimillion-dollar payments from victims.

The White House says the damage from the latest attack — affecting as many as 1,500 businesses worldwide — appeared minimal, though cybersecurity experts said information remained incomplete. The malicious intrusion exploited a powerful remote-management tool run by Miami-based software company Kaseya. It occurred weeks after Biden made clear to Putin that the U.S. was growing impatient with cyberattacks emanating from Russia.

But Biden finds himself in a difficult position as he seeks to press Putin to crack down on Russian cyber gangs targeting U.S. and international business for financial gain and dial back Kremlin-connected cyber espionage. The administration is mindful that punitive actions against Russia can escalate into tit-for-tat exchanges that heighten tensions between nuclear superpowers.
The latest hack also comes after some Republicans accused the Democratic president of showing deference to Putin by meeting with him and making America weaker in the process. Biden has faced criticism of being too soft on Putin even though former President Donald Trump declined to blame Russia for hacks and interference in the 2016 election despite U.S. intelligence community findings.

Biden met Wednesday with Vice President Kamala Harris and top national security aides to discuss the problem. As he departed the White House to travel to Illinois, Biden was opaque when asked what exactly he would convey to Putin.

“I will deliver it to him,” Biden told reporters.

A White House National Security Council spokesperson said in a statement Wednesday that combatting ransomware remained a priority, but that the years-long threat “won’t just turn off as easy as pulling down a light switch.”

“No one thing is going to work alone and only together will we significantly impact the threat,” the statement said.

U.S. officials say they've preached to the private sector about hardening cybersecurity defenses, worked to disrupt channels for ransomware payments and scored a success last month with the recovery of most of a multimillion-dollar payment made by a fuel pipeline company. But they've been cautious about carrying out retaliatory offensive cyber actions for fear it could quickly spiral into a greater crisis. There are also practical limits to what the U.S. can do to thwart Russian cyber gangs.

Biden and top administration officials repeatedly said around last month's meeting with Putin that their goal was building a “predictable,” stable relationship. An all-out cyberwar would seem to work against this goal.

“It’s a very fine line that they have to walk as far as providing some kind of consequence for that behavior without it escalating to where cyberattacks are out of control, or increase it to a conflict that goes beyond the cyberspace,” said Jonathan Trimble, a retired FBI agent and cybersecurity executive.

White House press secretary Jen Psaki said Tuesday that Russian and U.S. representatives were meeting next week and would discuss the matter. She said administration officials used Wednesday's meeting to discuss building resilience to attacks and other efforts to combat the problem, and also addressed policies on payments to hackers.

The administration has yet to attribute the latest major attack to Russians hackers. Psaki did not directly answer how Biden might respond, but said he has "a range of options, should he determine to take action.”

Cybersecurity experts swiftly identified REvil as responsible for the attack, and the notorious Russia-linked gang appeared to admit it publicly by offering on its dark web site to make available a universal decryptor that would unscramble all affected machines if paid $70 million in cryptocurrency.

Biden said he set red lines by handing a list to Putin of some 16 critical infrastructure entities, including water systems and the energy sector, in the U.S. that are off-limits to attack. He said “responsible countries need to take action against criminals who conduct ransomware activities on their territory.”

The Kaseya attack did not appear to affect any critical infrastructure. Nevertheless, the incident shows that ransomware attacks, even if they don’t target critical infrastructure, have the potential to be damaging when done on a massive scale.

Biden also suggested that he told Putin that he stood ready to retaliate should the Russians go too far.

“I pointed out to him that we have significant cyber capability. And he knows it,” Biden said.

Further complicating matters, the Republican National Committee said Tuesday one of its contractors had been breached, though it did not say by whom. The RNC said no data was accessed.

The administration has already taken action against the Russians for cyberespionage, announcing in April the expulsion of 10 Russian diplomats and sanctions against several dozen people and companies over Kremlin interference in last year’s presidential election and the hacking of federal agencies.

The U.S. has other tools at its disposal. Assuming it can gather the evidence it needs to identify the hackers, the Justice Department can bring indictments — though absent the defendants voluntarily departing Russia, there is little chance of them facing justice in American courts. Hacks not only from Russians but also the Chinese have continued even after indictments.

There’s also the chance investigators in at least some cases can recover from criminals ransom that has been paid. The Justice Department clawed back a portion of the $4.4 million forked over to a Russian-linked cyber gang responsible for the attack on Colonial Pipeline, an attack that stymied the gasoline supply in the southeast U.S. for days.

James Lewis, a senior vice president at the Center for Strategic and International Studies, said the U.S. has been for too long in a “defensive crouch” when responding to ransomware attacks. The administration's options for assertiveness against ransomware criminals could include limiting their access to financial networks or hacking their command and control infrastructure.

“These are all tough choices and the default position is to be cautious, which is why we keep getting whacked,” Lewis said.

Comments RSS feed for comments on this page

There are no comments yet. Be the first to add a comment by using the form below.