July 12, 2021 - Epoch Times
07:43
| 
| Time | Text |
|---|---|
| So Cash, the other topic I wanted to cover with you briefly today is just this, I guess it's our evil ransomware hack or apparent our evil ransomware hack and we're getting A lot of very disparate information on one side are saying something like a million accounts were compromised or something like this, I think in a blog entry. | |
| You have Casia, the company that was targeted, basically saying that perhaps 1,500 terminals or computers were affected and basically middle, small to medium-sized businesses, nothing as big as is being suggested. | |
| And we have the government, we have President Biden saying that I guess the intelligence community is telling him they don't have evidence of the Russian government being involved. | |
| So that's the lay of the land as I understand it. | |
| What are you seeing? | |
| Well, so yeah, so as an individual who used to be in the intelligence community and run operations and then ultimately Was the principal deputy at the Office of the Director of National Intelligence, the number two intelligence officer in government. | |
| We have some experience with this. | |
| It's not the first time the Russians have hacked us, and it's not the last time, if it was them. | |
| And here's what's going on behind the scenes without revealing actual classified information. | |
| But basically, the intel community should be collecting or emphasizing a collection effort on these hacks, the Colonial Pipeline, This one, and I believe there was another one that happened in the last couple of months. | |
| And they should be looking into, is there a pattern? | |
| Was it directed by the Russian Federation? | |
| Was it done indirectly through cutouts and private companies that have connections to the Russian Federation? | |
| And they should be providing all this information to the president and his cabinet. | |
| That's what's supposed to be happening. | |
| They should also be They, the U.S. government, should be engaging the private sector and these businesses that were impacted because it cost millions of dollars and millions of Americans to be directly impacted as to what are your security systems that are in place? | |
| How are they breached? | |
| Because the U.S. government doesn't know everything. | |
| But in partnership with the private community, it can learn a lot. | |
| It can also learn what information was stolen, how it was stolen, and then it can repair those systems on U.S. government databases as well as private sector databases so it doesn't happen again. | |
| So those are some of the sorts of things that are ongoing or should be ongoing now, but I don't know since I'm no longer there. | |
| So $70 million is the ransom, so to speak. | |
| It's not really clear what that exactly is for, right? | |
| Yeah. | |
| So the company that, if this reporting is accurate, the company or the organization that did this hack is saying, pay us. | |
| Until you pay us, we are not going to get out of your system. | |
| What happens is these hackers go into these private companies and they freeze their entire database, effectively shutting down whatever function that company does. | |
| Are they a grocery store? | |
| Are they a supplier of mechanics? | |
| Do they involve themselves in the monetary system, banking system? | |
| So that immediately impacts millions of people across the U.S. and around the world in those sectors. | |
| So the company's losing money. | |
| Americans are losing the ability to be provided with the services they're paying for. | |
| And these hackers know it. | |
| And they know a lot of these companies have a lot of money, so they might pay it. | |
| I mean, as you know, the United States government position is you never pay ransom. | |
| But private companies don't have to abide by that agreement. | |
| Right. | |
| The company seems to be saying that the impact is a lot less—and of course, you might expect they would say that—but the impact is nowhere near at the level that you've just been describing. | |
| There's basically isolated cases where people are affected. | |
| I think there's a Swedish supermarket chain that had to go off Yeah, it can vary, sure, depending on the nature of the hack and the skill set of those that are conducting the hack and who they're backed by. | |
| Do they have the financial wherewithal to just sit and wait for their victims to pay up? | |
| And if you're backed by the Russian Federation, you most certainly do have the financial wherewithal to wait. | |
| But you're creating a political narrative or a public story that a lot of people are focusing on and these hacks don't necessarily cost you that much money to execute. | |
| And these companies though are losing money by the hour. | |
| So some of them are probably willing to pay millions of dollars and I think some of them have agreed to pay millions of dollars quietly and directly to the hackers just to get their services back online. | |
| And I think it would be interesting to see if those private companies had any conversations with the White House. | |
| We're the intelligence community before paying those ransoms. | |
| That's another thing that I hope the administration's looking at. | |
| So at this point, you know, what's the resolution from the government perspective? | |
| Well, ultimately is to catch who did this, because as President Biden told President Putin, that if you hack us again, essentially issuing a red line, we're going to come after you. | |
| Now, I don't know what that we're going to come after you But I guess now it's time for President Biden to put up, because we've been hacked again, and it looks like at the hands of the Russians. | |
| And this intelligence is very exquisite and very sensitive, but it's something that's readily available to the president's cabinet. | |
| And the IC should be delivering that. | |
| The intelligence community should be delivering that immediately. | |
| The NSA, the CIA, and what have you. | |
| So by now they should know largely what happened or have a good idea. | |
| And then there should be some public statements made Are we going to sanction the individuals responsible? | |
| Are we going to raise tariffs on the country that houses them? | |
| Are we going to criminally prosecute these individuals? | |
| Are we going to go out, arrest them, and detain them because they are actually a threat to your community and obviously a flight risk if the hack came in from overseas? | |
| So those are things that you would hope the Justice Department is also focused on. | |
| And they can be complicated cases, but we make those cases all the time. | |
| I understand it's particularly difficult to actually trace the origin in most cases like this, especially when the hackers are proficient. | |
| From what I understand, we're pretty sure that they are Russian hackers, but as to who's really backing them or not, those kinds of details might be almost impossible to figure out. | |
| Sometimes it's very difficult. | |
| Most of the time, in my experience, if you want to find out and you want to expend the resources, the energy and the manpower to do it, you can figure it out. | |
| And there's multiple ways to do that. | |
| You have Congress who has access to all the sensitive intelligence through the intelligence communities and they can conduct their own investigations and request their own information for the hacks. | |
| And then you have the executive branch, which conducts investigations through the Department of Justice and the intelligence community, and then they can cultivate that information and either put out a piece of it or a summary of it or let the American public know what we're doing as a result of it. | |
| But I just don't believe there is enough of a focus like there was when I was running the IC against hacking, against Russian and Chinese and Iranian hacking capabilities, which are large and impressive. | |
| But we, under President Trump, made sure that we collected against those threats and made those a priority. |
Export Selection