Hackers shut down US pipeline

Ian Bremmer's Quick Take:

Hi, everybody. Ian Bremmer here. Happy Monday to you. A Quick Take. I wanted to talk about this unprecedented hack that has shut down a major pipeline in the United States. The Colonial Pipeline carries well over 2 million barrels a day. It's about half of the East Coast supply of gas and jet fuel. In other words, really not something you want to have suspended. And when I think about the impact of cyberattacks in the world, I mean, we've been warning that this is going to be a bigger challenge going forward, we're now really starting to see the implications of it.


In this case, it's a dual attack. It was an attack both against data in the firm that has been stolen that the organization, the criminal syndicate that has perpetrated the attack has said that they will make it public and delete all of the data from the system of the pipeline company if the ransom is not paid by the deadline that they have provided. And then of course, they also physically shut down the pipeline as well. It's an enormous problem. It's probably unprecedented in the scale of impact in the United States, though, we're seeing more of this kind of thing around the world.

So, let's take a step back. What does it mean? How much should we be worried and what can we do when we think about cyber? Well, when I think about the world of cyber over the course of the past 10 years, there are some aspects of it, the great power competition that has worried me less, because even though it's all about offense, the United States, the Chinese, the Russians by far the most capable in terms of offensive cyber capabilities than in other countries, like Israel and Iran with less but significant capabilities. But those governments, large governments do understand that if they are to engage in the kind of escalatory attacks, that could cause real damage to the country that they're going after, then the gloves come off and suddenly this can turn into a real national security danger. It could create a kinetic war that spirals out of control. And so, they don't do it. And so there has been a level of cyber deterrence between major countries all around the world.

You've seen these unprecedented attacks in the last months, for example, the SolarWinds attack that we believe came from Russia and other massive attacks coming from China. But in each of these cases, no critical infrastructure was destroyed or even damaged to the best of our knowledge. No, instead it was espionage. It was surveillance. It was monitoring. By the way, the Americans do the same thing to all of those countries, whether they have offensive cyber capabilities themselves or not. So that's a bit like the nuclear balance. It's all offense. It's not defense, but there are constraints on what countries do, because if you set off one nuke, other nuclear countries are quite likely to retaliate in kind. So it does create a level of stability, even though it is a more dangerous destructive environment in the world. You'd rather not have them than have them. Okay, that's the good side.

The bad side is that you sometimes have governments that engage in acts on cyber that go bigger and larger than had initially been presumed. So for example, when the Russians engaged in the NotPetya attack against Ukraine, which was a piece of malware that was reverse engineered out of the US, out of the National Security Agency developed in the US a few years before, it did hit Ukraine, it absolutely caused major economic damage and political stability damage to the country, but it also escaped. And so in relatively short order, you had Western corporations with operations primarily all over the world, very little in Ukraine. In some cases, just a couple of computers in Ukraine causing billions of dollars of damage because the malware spread. And the Russian government, I find it highly unlikely that they intended for that attack to spread. And the question was, did they either not know or not care? I suspect it's more the former than the latter, because if it got really big, this could have caused an enormous blow back for Russia. But that means that intrinsically when you're engaging in cyberattacks with new forms of weapons that have the ability to spread autonomously, there's greater danger around the nature of attack. That's one point.

Secondly, it's a lot harder to contain cyber offensive capabilities to a small number of countries. Obvious example, I mentioned among countries that have strong cyber capabilities, Iran. Now, we're working in the United States, the Biden Administration is working very hard right now to try to get the United States back into the JCPOA, the Iranian nuclear deal the Trump Administration unilaterally withdrew from. And if that happens, we will continue to successfully prevent the Iranian government from developing nuclear weapons capability with verifiable inspections on the ground. That's important, it's significant, but there has been no ability to limit the nature and development of Iran's offensive cyber capabilities, which they use against Israel, against Saudi Arabia, against the United States. And there's very little capacity to deter a government that is much more unstable itself, that has willingness. And it's the reason we don't want Iran to have nukes is because we think that that potentially could lead to much more conflict in the region. That's unacceptably dangerous to let's say Israel or to the Saudis, other American allies on the ground, but they have those cyber capabilities. And that's clearly a danger. I mean the Operation Shamoon, which the Iranians did, which looks like it was a reverse engineer of the Stuxnet attack that the Americans, the Israelis engaged in against Iranian centrifuges, basically was within a couple of hours of taking all of Saudi Aramco's energy production offline, and that could have precipitated a war.

So you're much closer to trip wires to red lines, even among governments, because of that when you talk about cyber. And then you have what we just saw, what we're experiencing now with the shutdown of the colonial pipeline, and this is a criminal syndicate. Non-state actors, whether they be gangs or the aforementioned 300-pound guy on a bed in New Jersey, or whether it's a terrorist organization, the ability of institutions and people that are much less easily determinable either because of the ideology or because you don't know who they are engaging in strikes that are really dangerous, that is becoming unprecedented in today's environment. And that's what we just saw. The cybercriminal gang called DarkSide is ostensively behind the attack on the Colonial Pipeline.

And this is a cybercriminal gang, right? It is a group of individuals. It is not known who they are. They have anonymity, they're quite sophisticated. And they engage in these strikes against multinational corporations, some small, some big, to enrich themselves essentially. And this organization, DarkSide, has said that they won't attack hospitals, for example. That's their form of ethics. Other such organizations have no such compunction. You've seen a number of hospitals shut down. For example, one of the things I was worried about is what would have happened if there had been a massive cyberattack by a criminal gang against American hospitals at the time when they were getting overwhelmed by the pandemic. This is an absolute, real danger and something that the technology exists to do. And the people that could engage in those attacks have that technology in their hands, right now. And so the only thing stopping them is the sense of ethics that these criminals actually have. That's a serious problem.

Now in the case of DarkSide, and a lot of these criminals are operating in areas where Western rule of law cannot reach them, the presumption with DarkSide is they are in the former Soviet space. And the reason I presume that is because those that are studying DarkSide's attack so far have seen no attacks against Russian and former Soviet countries. Companies that obviously would be just as exposed, in many cases more so than those outside of the former Soviet union. No attacks against Russia, Ukraine, against Kazakhstan, countries like that. So you would expect that the people that are engaged in DarkSide are either from one or many of the former Soviet states. A lot harder to hit them directly when rule of law doesn't reach that far and when the governments themselves are showing absolutely no interest.

In fact, in the case of Russia, many of the cyberattacks the Russian government engages in are essentially outsourced to these criminal gangs that make money both in terms of the national security efforts that they make at behest of the Russian government, but also then sideline, moonlight, have their side gig engaging in criminal activities, outside the former Soviet space.

The likelihood that this significantly worsens US and Western relations with Russia leads to more sanctions. If so, because the Russian government and others are refusing to take action. That's also a real problem. And one that isn't likely to get resolved anytime soon. So serious challenges as a consequence of this. It showed up very high on our top risks for 2021. This is part of the reason for it. And I suspect we're going to spend a lot more time on it going forward.

So, not the cheeriest topic for a Monday kicking off your week, but hopefully something we get resolved at least in this attacks case, in relatively short order. Be safe, everybody. Avoid fewer people and I'll talk to you soon.

Eni is helping to bring stable energy sources to the communities of Ghana. This means vaccines for children can now be safely stored, businesses can operate more efficiently, and the economy, as a whole, is strengthened and improved.

Watch to learn how Eni helps businesses grow and build for the future.

This week, the US Senate passed the so-called Endless Frontier Act, a $250 billion investment in development of artificial intelligence, quantum computing, the manufacture of semiconductors, and other tech-related sectors. The goal is to harness the combined power of America's public and private sectors to meet the tech challenges posed by China.

In its current form, this is the biggest diversion of public funds into the private sector to achieve strategic goals in many decades. The details of this package, and of the Senate vote, say a lot about US foreign-policy priorities and this bill's chances of becoming law.

More Show less

What do America's policies around the world mean for jobs, the economy, and the future of the country's future? This Tuesday, June 15. at 11 am ET, GZERO Media presents a a live discussion on trade, immigration, and how domestic issues like racism and deep partisan divides impact America's standing in the world. Our event, which is sponsored by Carnegie Corporation of New York, is free and open to the public. Please register to attend.

Judy Woodruff, anchor of the PBS NewsHour, will moderate the conversation with:

  • Donna Edwards, Member of Congress (2008-2017)
  • Ian Bremmer, President and Founder, Eurasia Group and GZERO Media
  • Anne-Marie Slaughter, CEO, New America
  • Miriam Sapiro, Managing Director, Sard Verbinnen & Co. (SVC) and Former Acting and Deputy U.S. Trade Representative
  • Cecilia Muñoz, Senior Advisor, New America

Special appearance by Governor Thomas H. Kean, Chairman of Carnegie Corporation of New York.

Far Away and Close to Home: How US Foreign Policy Impacts All Americans

Tuesday, June 15, 2021 | 11 am - 12:30 pm ET

Register to attend

Add to Calendar


Listen: Is there a path to democracy for Europe's last dictatorship, Belarus? Exiled Belarusian opposition leader Sviatlana Tsikhanouskaya discusses her hopes and fears for the country with Ian Bremmer on the GZERO World Podcast. President Alexander Lukashenko has maintained a tight grip on power in Belarus for the last 26 years and rigged the results of his last election which led to widespread protest and unrest in his country, though few consequences globally. But will he now be held accountable after diverting a flight between two European capitals to arrest a dissident journalist? And just how close are he and Vladimir Putin?

Subscribe to the GZERO World Podcast on Apple Podcasts, Spotify, Stitcher, or your preferred podcast platform to receive new episodes as soon as they're published.

Nigeria's federal government earlier this month blocked Twitter from the country's mobile networks, after the social media company deleted a controversial post from President Muhammadu Buhari's account. The move by Africa's largest and most populous economy comes as many governments around the world are putting increased pressure on social media companies, with serious implications for free speech.

So what actually happened in Nigeria, and how does it fit in with broader trends on censorship and social media regulation? Eurasia Group analysts Amaka Anku and Tochi Eni-Kalu explain.

More Show less

Get insights on the latest news in US politics from Jon Lieber, head of Eurasia Group's coverage of political and policy developments in Washington:

What's the significance of the US-China bill, competition bill that passed the Senate earlier this week?

Well, the bill is a major investment in American technology, research and development, semiconductor manufacturing, and it's designed to push back on the China Made in 2025 push that lawmakers have become increasingly worried about in recent years. The opinion in Washington has shifted from seeing China as a strategic competitor to a strategic rival. And you're seeing what's now likely to be one of the only bipartisan bills in Congress now pushing back on that. Significant money for semiconductors in this bill, even though some of it was set aside for automotive purposes. That money's not going to come online fast enough to really make a difference to the current global semiconductor shortage, but it will help build up US long-term spending capacity and manufacturing capacity in semiconductors.

Other aspects of the bill, banned the application TikTok from going on government devices out of security concerns, created new sanctions authorities around Xinjiang and Hong Kong for human rights abuses, and mandated a diplomatic boycott of the Olympics, which is probably going to happen anyway once the Biden administration is able to align with its allies. Let the athletes play. Don't let any high level delegations go. This is probably the only bipartisan bill to happen this year, yet still, half of Senate Republicans voted against it because they were opposed to the kind of industrial policy they think this represents, but it does show the area where there's bipartisan agreement in a city that's very, very divided right now. China is the bad guy and Congress is moving in that direction.

More Show less

Carl Bildt, former Prime Minister and Foreign Minister of Sweden, shares his perspective from Europe:

What do you expect from President Biden's first European trip since taking office?

Well, first, it will be sort of reconnecting with Europe, reconnecting with the European Union, with NATO, with the partners in the G7, and going really from the initial message, which was, "we are back," to a more concrete message, "here is what we could potentially do together." That is the expectations. And let's see how it turns out.

More Show less

Marietje Schaake, International Policy Director at Stanford's Cyber Policy Center, Eurasia Group senior advisor and former MEP, discusses trends in big tech, privacy protection and cyberspace:

When President Biden and President Putin meet, will cybersecurity will be a key issue that they discuss?

Now, I'm sure that there will be many thorny issues on the table. But after American fingers pointed to Russia and hold it responsible for the SolarWinds hack, it's likely. Criminals in Russia were also not hindered when they held the Colonial Pipeline Company ransom through a ransomware attack. And really, when journalists and opposition leaders cannot speak a single critical word without being caught, how come cybercriminals can act with impunity in Russia? So the need for prevention and accountability really is significant. And I hope the President Biden can push and persuade Putin to change the confrontational and aggressive course that he is on.

Subscribe to GZERO Media's newsletter, Signal

Watch "Far Away and Close to Home: How US Foreign Policy Impacts All Americans" live on Tuesday, June 15 |  11 AM – 12:30 pm ET

GZEROMEDIA

Subscribe to GZERO Media's newsletter: Signal

Watch "Far Away and Close to Home: How US Foreign Policy Impacts All Americans" live on Tuesday, June 15 |  11 AM – 12:30 pm ET

GZEROMEDIA

Subscribe to GZERO Media's newsletter: Signal