Christopher Krebs, former director of the Department of Homeland Security’s Cybersecurity and Infrastructure Agency, praised the Biden administration for taking steps to address cybersecurity threats. Krebs spoke with Major Garrett, Washington correspondent for CBS News, for this week’s episode of the podcast “The Takeout.”
President Bidenwith the goal of tightening the federal government’s cybersecurity defenses by leading the Commerce Department to create new standards for software vendors that supply the federal government. Krebs called the action a “dramatic game changer” that showed Mr. Biden’s “committed leadership vision” to prioritize cybersecurity concerns.
Highlights of this week’s episode:
- Christopher Krebs on Biden’s executive order: “It dramatically increases the security expectations of software products that are sold to the federal government.”
- Presidential and congressional actions on cybersecurity: “You need both.”
- Ransomware attacks: “Ransomware is a really really profitable business these days.”
- Need for companies to take steps to protect their software: “Everyone can do better. The threats are so diverse right now.”
“It dramatically increases the safety expectations of software products sold to the federal government,” Krebs said, explaining that this would have a “cascading effect” for products sold to ordinary American customers.
Krebs praised Mr. Biden for “abandoning the traditional approach” to tackling cybersecurity, but said Congress should also act to strengthen the country’s cyber infrastructure. Krebs has previously asked Mr Biden to incorporate this into his $ 2.3 trillion infrastructure proposal.
“You need both,” Krebs said, which meant presidential and congressional actions.
Krebs also responded to the ransomware attack on Colonial Pipeline, after the companywhich has begun restarting pipeline operations after a cyberattack forced the company to disconnect some of its systems last Friday.
“Ransomware is a really, really profitable business,” Krebs remarked.
The company, which operates a major energy pipeline, first announced the hacking a week ago, and also soon disclosed that “this incident involves ransomware.” Several sources told CBS News on Thursday that Colonial Pipeline paid a ransom to hackers who had infiltrated the computer network. The money was paid shortly after computer systems began crashing late last week.
The FBI said Monday that the attack was the work of a criminal gang known as DarkSide, an operation that Krebs said was composed primarily of Russian individuals, many teenagers, or early twenties. Colonial Pipeline said an external security company is investigating the incident.
Krebs said DarkSide not only contains data for rescue, but will also filter it out, calling the operation “fifth-dimensional chess here from a criminal perspective.”
Mr. Bidenthat there is no evidence that the Russian government was involved in the ransomware attack on Colonial Pipeline, although U.S. intelligence suggests that hackers live in Russia. Krebs said he had “difficulty seeing how it would be possible” for DarkSide to work without Russian national intelligence being aware of its actions.
“There are previous examples of ransomware crews coordinating and collaborating with Russian intelligence,” Krebs said.
The decision to take the company’s systems offline sparked long lines in some states this week, as gas prices in some areas peaked at nearly seven years, and service stations in several states suffered. long lines and many ran out of gas. The 5,500-mile gas pipeline supplies approximately 45% of East Coast fuel.
Krebs also discussed SolarWinds hacking last year, an intrusion that initially gave cybercriminals access to 18,000 government and private computer networks, although a much smaller number was the real target of espionage. The National Security Agency, the FBI and the CISA have formally attributed the attack to Russia, saying the country’s Foreign Intelligence Service (SVR) directed the intrusions. The Biden administration recentlypartly in response to the SolarWinds intrusion.
Krebs, whose cybersecurity consultant who works with SolarWinds, said “there are many lessons learned that everyone can learn” from the intrusion.
“Everyone can do better. The threats are so diverse right now,” Krebs said. He added that there were many companies that needed to improve their “corporate citizenship” by increasing their cybersecurity practices.
Krebs was fired by former President Trump in November after he continued to deny the president’s false claims that he was robbed of the election.
For more Major conversation with Krebs, download the “The Takeout” podcast on Art19, iTunes, Spotify, Google Podcasts, and Stitcher. New episodes are available every Friday morning. Also, you can watch “The Takeout” on CBSN on Friday at 5pm, 9pm and 12pm ET and Saturday at 1pm, 9pm and 12pm ET. For a complete archive of episodes of “The Takeout,” visit www.takeoutpodcast.com. And you can hear “The Takeout” on some CBS News Radio affiliates (check out your local listings).
Producers: Arden Farhi, Jamie Benson, Jacob Rosen, Sara Cook and Eleanor Watson
CBSN Production: Eric Soussanin, Julia Boccagno and Grace Segers
Show email: TakeoutPodcast@cbsnews.com