In early May 2021, Colonial Pipeline, a private company, announced it had been the victim of a ransomware attack.  A Russian-speaking criminal extortion ring called DarkSide had taken control of a 5,500-mile pipeline operated by Colonial, then sent the company a ransom note that said, “Your computers and servers are encrypted, backups are deleted.  We use strong encryption algorithms, so you cannot decrypt your data.”

​

The note continued: “You can restore everything by purchasing a special program from us — universal decryptor,” which “will restore all your network.” < Note: Remarkably, within a month, the U.S. Department of Justice had recovered $2.3 million of the Bitcoin ransom Colonial paid to DarkSide, defying the notion that cryptocurrency is untraceable. >

​

In addition, DarkSide stole over 6 million pages of Colonial’s proprietary data, threatening that the information would be “automatically published” online if the ransom was not paid.  Colonial Pipeline provides 45 percent of the East Coast’s fuel supplies (i.e., gasoline, jet fuel and diesel) so needless to say, the disruption in the Northeast was massive.

​

Three weeks later, multiple meat processing plants operated by JBS – the world’s largest meat supplier — were the target of a massive cyberattack, as was Kaseya, an IT company, a few weeks after that.  U.S. intelligence officials confirmed the perpetrator of both attacks to be REvil, a cybercriminal, “ransom for service” organization based in Russia that allows other criminal groups to use its software for a fee.

​

< In November 2021, American and European authorities announced the arrest of several members of REvil, two of which were found in Romania.  Around the same time, a Ukrainian national named Yaroslav Vasinskyi was indicted for the attack against Kaseya. His alleged partner in crime, a Russian national, is still at large. >

​

Cyberattacks, cyber-terrorism and cyber-espionage pose an increasingly significant risk to the United States. This is a top national security priority of the highest order.  It is imperative that we have a comprehensive national cybersecurity strategy that thoroughly protects everything from our infrastructure to our intelligence databases.

​

Cyber threats are more ominous now that we have become increasingly reliant on technology, and information technology and physical infrastructure have become more interconnected.  Malicious cyber actors, nation-states and just plain bad people use cyberspace to do everything from steal information to disrupt the delivery of basic services to interfere in our elections, not to mention other crimes such as child pornography, financial fraud, and intellectual property theft.

​

A strong, responsible plan for cybersecurity is more important than ever.  If you think about it, our national crisis-management system was put to the test when the coronavirus hit America.  Needless to say, we didn't do so great.

 

A white paper released by the Cyberspace Solarium Commission — a commission established to "develop a consensus on a strategic approach to defending the United States in cyberspace against cyber attacks of significant consequences" — put it this way: