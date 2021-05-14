PD Editorial: A growing cyberthreat to national security

If there was anything surprising about the crippling cyberattack that shut down a critical pipeline this week, it’s that anyone was surprised.

Colonial Pipeline shut down a 5,500-mile pipeline that delivers about 45% of the fuel used on the East Coast after a ransomware attack on its corporate computer network. Prices soared, and people waited for hours to fill up — if they could find any gas at all.

Authorities say international cybercriminals targeted Colonial in an extortion plot. This time the impacts were mostly limited to the Southeast and mid-Atlantic, but Colonial’s predicament isn’t usual. Tulsa, Oklahoma is working to restore city services following a ransomware attack. So is the Scripps hospital chain in San Diego. Hackers published personnel files of Washington, D.C. police officers. And that’s just in the past two weeks.

The risks extend far beyond exposure of confidential information and disruption of commerce or public services. With skilled hackers seemingly undeterred by security measures in our increasingly networked world, cyberattacks could become one of the biggest national security threats of the 21st century.

Temple University tracks ransomware attacks against critical infrastructure, a category that includes food and water supplies, financial services, energy, public health and technology. There were 396 reported cases last year — a 93% increase from 2019.

The financial implications are sobering. At a White House news briefing this week, Homeland Security Secretary Alejandro Mayorkas said there have been $300 million in losses attributable to ransomware so far this year — up 300% from last year.

“The threat is real,” Mayorkas said. “The threat is upon us. The risk is to all of us.”

Many of the perpetrators are believed to be organized crime gangs located in Russia and elsewhere in Eastern Europe — beyond the reach of the U.S. justice system.

While cybercriminals are looking for a quick buck, unfriendly governments can adopt the same techniques to disrupt the U.S. economy or undermine national security.

One such breach occurred last year, when Russia hacked into the cybersecurity firm SolarWinds, gaining access to clients including the Defense Department, the Department of Homeland Security, the State Department and the Treasury as well as Microsoft and other large companies.

Companies like Colonial Pipeline — and The Press Democrat, which was hit by ransonware last fall but refused demands for payment — aren’t the only ones playing catch up on cybersecurity. The U.S. government is behind the curve, too.

Among his many counterproductive decisions, Donald Trump eliminated the White House cybersecurity adviser in 2018. No threat of Russian mischief, right? In January, Congress enacted a law restoring the position, and President Joe Biden subsequently nominated a former National Security Agency official for the job.

But one more high-level official won’t make much difference if the government doesn’t step up efforts to identify and protect vulnerable systems. In March, the Government Accountability Office reported that 50 of its 80 cybersecurity recommendations since 2010 have not been implemented.

The GAO said the federal government needs a more comprehensive cybersecurity strategy, more effective oversight of its security programs and stronger measures to protect critical infrastructure and sensitive information.

Colonial Pipeline reopened the spigot before fuel shortages grounded airplanes and disrupted mass transit systems. But the widespread impact of even a brief shutdown erase any doubts about the immediate need for enhanced cybersecurity measures. Because tomorrow may be too late.

