Is the Russian government involved in the Colonial Pipeline hack? One expert weighs in

The Colonial Pipeline ransomware attack showed the vulnerability of key parts of America's critical infrastructure, and how hostile actors can exploit those weaknesses. William Brangham and investigative reporter Michael Weiss look at what role — if any — the Russian government might have played in the hack, and what else might be on the horizon.

  • Judy Woodruff:

    This one ransomware attack showed the vulnerability of key parts of America's critical infrastructure, and how hostile actors can exploit those weaknesses.

    William Brangham looks at what role, if any, the Russian government might have played in this hack and what else might be on the horizon.

  • William Brangham:

    While this cyber attack was claimed by the Russian hacking group known as DarkSide, the Biden administration yesterday strongly hinted that the Russian government, perhaps through its notorious spy agency, the GRU, might've also been involved.

    Michael Weiss is an investigative reporter who's writing a book about the GRU.

    And, Michael Weiss, great to have you back on the "NewsHour."

    So, with regards to this ransomware attack, the Biden administration, as I mentioned, strongly implied that the Russian government must have known about this in some way. What is your sense about that?

  • Michael Weiss:

    Well, according to the cybersecurity experts I queried, they believe this was a criminal apparatus, but there is an asterisk when you say something like that with respect to Russia.

    It is true that the FSB — that is the domestic security agency of the Russian government — has often outsourced its hacking operations to various criminal rogue elements, not only in the Russian Federation territory itself, but in other countries.

    They have created this environment, this permissive environment, which has allowed these cyber-operators to proliferate. I find it very hard to believe that Russia's counterintelligence or their intelligence services haven't figured out who the actors were. And if they had given them a kind of by your leave, as it were, to go after targets in the West, but to do so with this veil of plausible deniability, that wouldn't surprise me in the least at all.

    The one thing I will say, though, about attributing this to the GRU is that the GRU tends not to outsource, unlike their sister service the FSB. They have their own very proactive cyber-operations capability, dispatching actual operatives physically to countries they look to hack in close access operations.

    They did famously one in The Hague in 2018 to try and penetrate the OPCW, the Organization for the Prohibition of Chemical Weapons, which was compiling evidence to determine the Skripal assassination was indeed a Russian state assassination attempt, among other things.

  • William Brangham:

    So — and, according to Politico, the Biden administration now seems to believe that the GRU was somehow involved in these directed energy attacks against U.S. officials in Cuba, Europe, even perhaps here in Washington, D.C.

    Does that seem, again, from your reporting, likely that they were involved in those attacks?

  • Michael Weiss:

    Yes, I mean, one of the victims of this directed energy attack is Marc Polymeropoulos. He was the former head of European operations at CIA.

    And he was hit with this thing in Moscow. It's very unlikely they didn't know that he was an American intelligence officer when he was stationed there under diplomatic cover or whatever. The GRU exists for one purpose, and one purpose only, to prepare Russia for war with the West.

    So, if you're using any kind of kinetic, or I guess, in this case, electronic or microwave technology to attack American servicemen or American spies undercover in foreign postings, it only stands to reason that it would be the GRU that was wielding these devices.

  • William Brangham:

    So, you touched on some of these other instances where it does seem pretty clear that GRU fingerprints are all over them.

    What is your broader sense? You touched on this as well, though. What does the GRU, and, through it, the Russian government want with all of these actions? What's the goal here?

  • Michael Weiss:

    Well, I mean, fundamentally, undermine Western interests, try and divide Western countries between and amongst each other, particularly within the European Union and NATO.

    The most high-profile, headline operations that have been disclosed in the last month have occurred in the Czech Republic and Bulgaria, and these are old operations, one seven-year-old ammunitions depot blown up by GRU operatives, including, by the way, the two assassins who tried to murder Skripal just a few years later. Using the same cover identities, they smuggled themselves into the Czech Republic.

    And another series of operations in Bulgaria, where they had attempted to poison with Novichok a Bulgarian arms dealer by the name of Emilian Gebrev. I have interviewed him for my book, and he recounted in agonizing detail the ordeal he had to suffer.

    These guys exist to do two things, undermine Western governments through kinetic, frankly, terroristic activities — I mean, setting things alight, blowing things up on NATO soil is — meets the definition of state terrorism — and murder. These guys are mean. They are very, very hyperactive.

    And here's the scary part. We only know a quarter, at most, probably less, a fraction, really, of what they have got up to, based on their travel plans, their itinerary, right? So, by no means is this — this is only the tip of the iceberg.

  • William Brangham:

    All right, Michael Weiss, editor at large at The Daily Beast, always good to have you.

    Thank you.

  • Michael Weiss:

    My pleasure.
