What do you think? Leave a respectful comment.

Assessing the damage from the recent U.S. cyberattack

The Russian government is believed to be behind the recent cyberattack in the United States. Since it was revealed in December, the number of federal agencies and companies that were victimized by the attack continues to grow. Christopher Krebs, the former top cybersecurity official at the Department of Homeland Security, joins William Brangham to discuss.

Read the Full Transcript

  • Judy Woodruff:

    Of the many threats facing the Biden administration, cybersecurity remains a constant concern.

    William Brangham explores how a recent massive attack is still with us.

  • William Brangham:

    The Russian government is believed to be behind the so-called SolarWinds attack.

    It was revealed back in December, but, since then, the number of federal agencies and companies that were victimized by this hack have continued to grow. And that's raised concerns about what kinds of sensitive data might have been compromised.

    One person who's been hired to assess that damage is Christopher Krebs. He was the former director of the Cybersecurity and Infrastructure Security Agency. He was fired by President Trump shortly after he called the 2020 election, which he helped protect — quote — "the most secure in U.S. history." He's now a partner at the Krebs Stamos Group.

    Chris Krebs, great to have you back on the "NewsHour."

    This hack has been described as one of the most sophisticated cyber-espionage attacks against the U.S. in recent history. Your firm has been hired by SolarWinds, the software company that was a victim of this intrusion and then led to subsequent intrusions.

    Do you share the belief that this was the Russians behind this attack?

  • Christopher Krebs:

    So, certainly, even before I was brought in by the new CEO to help them both understand the nature of the compromise, the hack, but also how to build a leading-edge security program inside SolarWinds, it was obvious to, I think, most of the cybersecurity vendors and companies out there, as well as what I had heard and was hearing from the national security community, that this was very likely, if not certainly, the — a Russian espionage campaign tied to what's known as the SVR, which is their intelligence, their foreign intelligence service.

    And, again, it's got all the hallmarks of just quiet, patient, deliberate, very well planned and executed. And they showed, in fact, a good deal of restraint in how they executed, which is not always the tradecraft of some of the other Russian cyber-actors.

  • William Brangham:

    I mean, so many of our federal agencies were victims of this, many companies.

    Do you have a sense of what the Russians were after, what they took?

  • Christopher Krebs:

    If it is, in fact, an espionage campaign — again, I think that seems to be the general consensus — they're very likely looking for information on diplomatic negotiations, economic negotiations, national security conversations and policy-making that the Russians would be interested in, including things like chemical weapons and things of that nature.

    So, I do believe that they were they were pecking around, looking for relevant information to the Kremlin and the Russian government leadership. But they did so in a quiet and deliberate way. And they had a priority list, by what I understand.

    And so I think, when we get to the bottom of this one, it's certainly a very concerning compromise at the federal government. But it may be fairly targeted in terms of how they actually accessed and executed.

  • William Brangham:

    We know that the Biden administration has launched a full review of this hack.

    Do you have a sense of the things that they ought to be doing that might not have been done thus far?

  • Christopher Krebs:

    Well, I think we're going to have to have a — first probably something along the lines of a national commission on the broader campaign that the Russians launched.

    I suspect that there will be a number of companies that were impacted or compromised similar to SolarWinds. We have to continue advancing the cybersecurity posture of our federal agencies. And that's not just about buying more cybersecurity tools. We have to have modern systems in place. We have to have a meaningful governance structure in place, where someone in a position of authority like a national cyber director, or my old agency, CISA, is able to meaningfully engage in direct action within the civilian agencies that, unfortunately, to this day still are left a little bit too much on their own.

  • William Brangham:

    I want to turn lastly to the election.

    As you well know, you worked very hard to secure this election. And by all measures, that was a success. But the former president and many members of the GOP don't buy that. They argue that there was widespread fraud. The former president said that this election was stolen.

    I'm just curious, as someone whose job was not just to secure elections infrastructure, but also to bat down false facts, how do we, as a nation, wrestle with this ocean of misinformation?

  • Christopher Krebs:

    So, first off, we need those that propagated the big lie that the election was stolen, they need to own up to their lies, or they need to be held accountable.

    And one way for the president is through impeachment and conviction. I think that needs to continue moving forward for a few reasons. First is that — I have said it before, but you don't get mulligans in insurrection, in trying to overthrow an election. There have to be meaningful consequences, or someone a little bit more dedicated, a little bit more competent may be able to — may try it again and, unfortunately, next time be successful.

    We also have to send a clear message to our allies that we have governance mechanisms here in the U.S. to ensure that our democracy is stable, and, lastly, to dictators across the world that may try to meddle here or elsewhere that we're not going to tolerate it and that there will be consequences.

    But, beyond that, we have to continue from a transparency perspective educating the American people on how elections actively work. And I think that's in part what happened in the last year or so, is that some of the promoters of the big lie took advantage of the fact that the machinery of elections is not always immediately apparent to the American people.

    So, let's do something about that. I love the idea of bringing back "Schoolhouse Rock."

    (LAUGHTER)

  • Christopher Krebs:

    And how do we educate on civics?

    And — but beyond that, actually meaningfully investing in elections, eradicating some of the outdated systems and truly meaningful post-election audits.

  • William Brangham:

    All right, here's to more "Schoolhouse Rock."

    Christopher Krebs, former director of CISA, great to have you back on the "NewsHour."

  • Christopher Krebs:

    Thanks, William.

Listen to this Segment