We have updated our Privacy Policy and Terms of Use for Eurasia Group and its affiliates, including GZERO Media, to clarify the types of data we collect, how we collect it, how we use data and with whom we share data. By using our website you consent to our Terms and Conditions and Privacy Policy, including the transfer of your personal data to the United States from your country of residence, and our use of cookies described in our Cookie Policy.
{{ subpage.title }}
Will the US be able to withstand cyber attacks on critical infrastructure?
The global cyber landscape has never seemed so dire. From Russian-backed ransomware attacks against America’s largest oil pipeline to the phone scammer who won’t leave you alone during dinner, we’re living in a brave new world. On GZERO World, Ian Bremmer speaks to Jen Easterly, director of the US cybersecurity agency, tasked with defending the country from all cyber threats — foreign and domestic, who is optimistic about the state of America’s cyber defenses.
Easterly says the US has finally gotten serious on protecting itself from cyberattacks. But the federal government still needs cooperation from the private sector, which operates 80% of the critical infrastructure that serves our daily basic needs. When passed, the Cyber Incident Reporting for Critical Infrastructure Act will require whoever operates critical infrastructure to report attacks coming from state and non-state actors.
Easterly digs into why Russia is the urgent cyber threat, but China could do more damage in the long term in its efforts to dominate global tech.
And should we worry about non-state actors like ISIS carrying out major cyberattacks. Is there still a threat? "Low probability, but high impact," Easterly tells Bremmer. The bigger problem, she adds, is the dozen or so states that are using cyber to do sort of lawful things like collecting intelligence, but then use it for nefarious purposes.
This interview was featured in a GZERO World episode: Hackers, Russia, China: cyber battles & how we win
Podcast: How the US will fight cyber wars
While Russia is the more urgent cyber threat, says Easterly, China could do more damage in the long term. As for non-state actors like ISIS carrying out major cyberattacks, there is "low probability, but high impact.” The bigger problem, she adds, may be nations that use cyber to do somewhat lawful things like collecting intelligence, but then use such practices for nefarious purposes. The US government has finally gotten serious about protecting itself from cyberattacks, but still needs cooperation from the private sector to drive down risk to the nation, Easterly explains, noting that the Cyber Incident Reporting for Critical Infrastructure Act will now require whoever operates critical infrastructure to report attacks coming from state and non-state actors.
Will the US be able to withstand cyber attacks on critical infrastructure?
The US Cybersecurity and Infrastructure Security Agency was set up in 2018 to help protect America's critical infrastructure.
It might sound like a technical term, but CISA chief Jen Easterly explains that critical infrastructure is how we get water, power, gas — even food at the grocery store. And 80% of it is operated by the private sector.
So, how does the agency help businesses defend themselves from hackers?
"In cybersecurity, the federal government is just a partner ... so we all have to work together to drive down risk to the nation," Jen Easterly tells Ian Bremmer on GZERO World.
- Does Jeh Johnson consider Russia's cyber attack against the US to ... ›
- Podcast: Lessons of the SolarWinds attack - GZERO Media ›
- SolarWinds hack a wake-up call to the tech sector - GZERO Media ›
- Biggest cybersecurity threat to watch in 2022 - GZERO Media ›
- A (global) solution for cybercrime - GZERO Media ›
- Hackers, Russia, China: cyber battles & how we win - GZERO Media ›
"We're identifying new cyber threats and attacks every day" – Microsoft’s Brad Smith
Cyber threats are the new frontier of war. That's why companies like Microsoft are investing heavily in the capability to identify new threats and attempted attacks. “We work every day to make sure that we’re identifying new threats and attacks, regardless of where they’re from,” said Microsoft President Brad Smith at the Munich Security Conference. This includes monitoring infiltrations and alerting companies, countries and sometimes even the public, as needed, in a timely fashion, he explained.
Smith spoke with moderator David Sanger in GZERO Media's Global Stage livestream discussion at the Munich Security Conference.
- How Russian cyberwarfare could impact Ukraine & NATO response ... ›
- DarkSide hack reveals risk of ransomware cyberattacks - GZERO ... ›
- Would you pay a cyber ransom? - GZERO Media ›
- Russian cyber attack could trigger NATO's Article 5, warns NATO ... ›
- How Russian cyberwarfare could impact Ukraine & NATO response - GZERO Media ›
- Global Stage ›
- Podcast: Cyber threats in Ukraine and beyond - GZERO Media ›
- Microsoft president Brad Smith has a plan to meet the UN's goals - GZERO Media ›
A Worldwide Threat Assessment
As we noted in the Wednesday edition, the US intelligence community has released its latest Worldwide Threat Assessment. Much of the media focus this week has fallen on President Trump's criticism of the US intel chiefs, but let's begin with the report itself. Here are its key findings:
- The Trump administration's trade policies have damaged US interests by pushing allies to build new relationships with other governments.
- "At present, China and Russia pose the greatest espionage and cyber attack threats."
- ISIS isn't finished. The group can still call on thousands of fighters in Iraq and Syria, as well as a dozen networks around the world.
- "Climate hazards such as extreme weather, higher temperatures, droughts, floods, wildfires, storms, sea level rise, soil degradation, and acidifying oceans are intensifying, threatening infrastructure, health, and water and food security."
- North Korea "is unlikely to completely give up its nuclear weapons and production capability." Following Kim Jong-un's meeting last year with President Trump in Singapore, North Korea has continued nuclear development in some areas and taken actions that are reversible in others. CIA Director Gina Haspel testified before Congress on Tuesday that North Korea "is committed to developing a long-range nuclear-armed missile that would pose a direct threat to the United States."
- Iran continues to support terrorist groups in the Middle East and Europe, but it's still complying with the terms of the nuclear deal even after the US withdrew from the agreement and re-imposed sanctions. Director of National Intelligence Dan Coats told Congress this week that "We do not believe Iran is currently undertaking activities we judge necessary to produce a nuclear device."
And now to the controversy. President Trump, who has made statements in the past that contradict every one of these findings, was not pleased with the assessment, particularly on the subject of Iran. "The Intelligence people seem to be extremely passive and naive when it comes to the dangers of Iran. They are wrong! When I became President Iran was making trouble all over the Middle East, and beyond," he tweeted on Wednesday.
If you want to know how a particular government weighs threats to national security, don't look to politicians. They have their own motives for stressing this or that threat. Look to intelligence professionals who were there before a particular president or prime minister arrived and will be there after they're gone. US intelligence has been (sometimes dangerously) wrong over the years, but the experience of its people and their extraordinary access to information make it unwise to dismiss their judgment.
And it's alarming to see the president of the United States, whom the US Constitution designates as Commander in Chief of the military, publicly deriding the integrity of the nation's intelligence agencies. This week, your Friday author is in Japan, one of several US allies where officials are watching with serious concern. It's also noteworthy that a clear majority of Republican senators voted this week to support a measure declaring that the Islamic State and al-Qaeda remain serious threats in Syria and Afghanistan, a rare rebuke for the president by lawmakers from his own party.
What to Worry About in 2019
What's the biggest geopolitical risk in 2019? Ian breaks it down and then talks with Woodrow Wilson Center Director, President, and CEO Jane Harman about national security, women in congress, and that old dream of bipartisanship. And of course, we've got Puppet Regime.