Tuesday, May 11, 2021

3 ideas to stop the next Colonial Pipeline hack

Tomorrow's conversation, tonight. Know where the news is going next.
May 11, 2021 View in browser
 
POLITICO Nightly logo

By Eric Geller

With help from Renuka Rayasam

Fuel holding tanks are seen at Colonial Pipeline's Linden Junction Tank Farm in Woodbridge, N.J.

Fuel holding tanks are seen at Colonial Pipeline's Linden Junction Tank Farm in Woodbridge, N.J. | Getty Images

AND WHY THEY WON'T HAPPEN If you're only just learning about the existence of the malicious computer code called ransomware because of news stories about the Colonial Pipeline hack, you're not alone. Many of the companies that provide your power, water, food, clothes and other essential products and services are just as ignorant about the issue.

It's this lack of awareness of the growing threat posed by digital extortion schemes, along with a lack of a commitment to closing basic security gaps, that has left companies like Colonial vulnerable to the kinds of cyberattacks that have shut students out of remote learning, crippled hospitals already strained by the pandemic and overwhelmed local police departments. And while Colonial is slowly restarting its pipeline and the Biden administration says it isn't yet worried about fuel shortages, security experts say it's only a matter of time before some company's lack of due diligence leads to a bona fide catastrophe.

The Biden administration and the technology industry are racing to develop new tools to fight ransomware. The Justice Department has formed a task force, and a star-studded cast of cyber experts recently released a report with 48 policy recommendations.

But the most effective solutions might also be the most controversial ones. The criminals who conduct these attacks can easily hide their identities and camp out in countries with which the United States lacks extradition treaties. Many of the cryptocurrency exchanges that facilitate ransom payments thrive off of the criminal ecosystem and refuse to block or even trace the transactions for law enforcement. And our increasingly digitized society is a target-rich environment for hackers: Many organizations, including those with critical operations or sensitive data, fail to implement the most basic cybersecurity measures, like strong passwords and employee security training.

Congress could require state and local governments and a wider range of companies to meet minimum cybersecurity standards, not unlike how the FDA regulates food and pharmaceutical companies. Raising companies' defenses would protect them from ransomware and perhaps even push some criminals out of the ecosystem, but designing and enforcing cybersecurity regulations would be tricky and would certainly prompt a massive industry backlash.

Lawmakers could crack down on the anonymity of cryptocurrency marketplaces by requiring them to collect more information about their users. But that effort, too, would provoke strong opposition from the cryptocurrency industry, which is assembling a growing army of lobbyists.

Many companies don't even report ransomware attacks because they fear the stigma of being a hacking victim. A federal data breach disclosure law would help the government better understand the ransomware landscape as it plans operations like the takedown of hackers' digital infrastructure. But lawmakers have been deadlocked over data breach legislation for years.

The problem isn't that no one knows how to fight ransomware. The recent industry task force report contained few ideas that haven't been circulating among experts for years. The problem is that the proposals most likely to be effective are also the most politically contentious (cryptocurrency crackdown) or logistically daunting (regulating cybersecurity).

Defeating ransomware, like stamping out other cyber threats, will require a level of collective engagement and sacrifice that the U.S. and the rest of the world have almost never been able to muster. In the meantime, hackers know that they're always one weak password or gullible employee away from a big payday.

Welcome to POLITICO Nightly. Reach out with news, tips and ideas for us at egeller@politico.com and rrayasam@politico.com, or on Twitter at @ericgeller and @renurayasam.

 

SUBSCRIBE TO "THE RECAST" TODAY: Power is shifting in Washington and in communities across the country. More people are demanding a seat at the table, insisting that politics is personal and not all policy is equitable. The Recast is a twice-weekly newsletter that explores the changing power dynamics in Washington and breaks down how race and identity are recasting politics and policy in America. Get fresh insights, scoops and dispatches on this crucial intersection from across the country and hear critical new voices that challenge business as usual. Don't miss out, SUBSCRIBE . Thank you to our sponsor, Intel.

 
 
Talking to the Experts

FIRST THINGS NEXT — Covid cases and deaths are down in the U.S., but the country's vaccination levels have stalled. Globally, about 13,000 people are still dying every day as virus levels continue to grow in many countries. Nightly's Renuka Rayasam reached out to a group of public health experts and asked, What should be the top pandemic priority for the Biden administration right now? Their edited answers are below.

"The most critical Covid-19 priority for the Biden administration right now is to create a national strategy for the rapid detection and containment of a possible dangerous variant. To prevent this from happening, we need to coordinate the decentralized labs around the country that are now sequencing the genetic material of the virus.

"We must harness the collective efforts of these thousands of independent laboratories into a powerful new containment tool — namely, a centralized intelligence platform that tracks existing variants and rapidly characterizes new ones. Such a strategy and platform — including a national 'weather' map with real-time zip code-level precision of what variants are where — would allow public health officials and policy makers to employ a more targeted response to contain a new strain of the virus. This technology would enable swift activation of a containment plan when a threat is identified, even when vaccination data and genomic data is spread across multiple organizations, and empower the coordination of specimens, data and people within the affected community." Charity Dean, co-founder and CEO of The Public Health Company and former assistant director of the California Department of Public Health

"The top pandemic priority should be manufacturing and distributing vaccines around the world." Ashish Jha, dean of the Brown University School of Public Health

"The administration must prioritize defining how the U.S. will respond in an environment where Covid-19 is endemic with periodic reseeding of disease from variants. Strengthening the core public health system is essential to this capacity in order to rapidly identify new outbreaks of SARS-CoV-2, contain them using isolation and contact tracing and rapidly vaccinate newly at-risk populations. They also must start to work with the states and municipalities to get consensus around the guidance that defines the rules around selected re-closures in a way that does not create politicization." Georges C. Benjamin, executive director, American Public Health Association

"Shaping a comprehensive global road map for vaccinating the world against Covid-19, rather than one-off actions. This should be articulated in a high-level speech by the U.S. Secretary of State and should support the scale up of vaccine production globally to reach the needed 5 to 12 billion doses of vaccine, expand vaccine production, donations, and yes even patents. Vaccinating the deep red states to bring them up to the same level as New England, New York, New Jersey, California and New Mexico." Peter Hotez, dean of the National School of Tropical Medicine at the Baylor College of Medicine

"SARS-CoV-2 has had a profound and far-reaching negative impact on routine care — threatening to amplify SARS-CoV-2's massive health toll now and in the years ahead. Due to the pandemic, public health gains made in recent years have been ceded, critical care has been delayed, and well visits, routine vaccinations and health screenings for cancer and other chronic conditions have been disrupted.

"We must commit resources and support to help patients return to care . Vulnerable individuals are not only more vulnerable to Covid-19 — they, and others, are more vulnerable to the health issues that might be avoided by seeking routine care at health clinics and physician's offices. Without a concerted, concentrated effort to integrate patients back into the health care system, the compound effects of these missed visits have the potential to reverberate, like the pandemic, for years to come." Julie Gerberding, former CDC Director and executive vice president and chief patient officer, Merck & Co.

"Right now, there are myriad issues we need to be prioritizing: global vaccine distribution and equity being the top, followed by vaccine hesitancy and access within the U.S. — racial and social disparities that exist and were widened within the U.S. as a result of Covid-19, but also economic support for individuals and businesses to help support community interventions.

"We need sustained investment in public health and pandemic prevention, which includes local and national public health entities, research, genomic surveillance and sequencing, contact tracing, wrap around services for those requiring isolation/quarantine, and more preventive care in general. We need more focused hospital biopreparedness efforts, a robust supply chain for PPE, stronger public communication strategies to help educate on transmission/risk/nuance, and support for health care and essential workers." Saskia Popescu, assistant professor, biodefense program in the Schar School of Policy and Government, George Mason University

"The current state-based policies and behaviors that suggest the threat of the pandemic is past us are premature, ill-founded and unwise. We are letting down our guard and thinking in a limited, short-term manner.

"The priority is to combat the Covid-19 virus on every front. This chain is currently composed of many weak links, and each weak link needs to be addressed: Vaccinations to high-risk persons and especially resistant populations. Also getting nearly every adolescent immunized. Use clear explicit carrots such as the ability to attend many events, dine in restaurants, reduced fares for public transport, special discounts in supermarkets, and sticks — for many activities, if no proof of vaccination, people must wear a mask and have a recent negative virus screen.

"Work with higher-income allies including Europe, Japan, Australia and Canada and the WHO and World Bank to develop an emergency coordinated plan that addresses which are the countries of high risk — India, but also Pakistan, Bangladesh, Indonesia, Philippines — accumulates adequate fiscal and technical support, accelerates the vaccine production pipeline and convinces all the players (including all Americans) that this approach is not some do-gooder nicety but an ongoing huge threat to every person and economy in the world." Jeffrey Koplan, former CDC director and vice president for global health and professor of medicine and public health at Emory University

What'd I Miss?

Nightly video player of Senate Majority Leader Chuck Schumer

— Rare Schumer, McConnell showdown previews floor fight on Dems' election bill: The typically staid Senate Rules Committee hosted a rare dramatic showdown today: the majority leader versus the minority leader, sparring over Democrats' expansive election and ethics bill . In dueling remarks, Chuck Schumer and Mitch McConnell each accused the other's party of trying to weaponize voting laws to expand political power. The Schumer-and-McConnell show served as a preview of a forthcoming floor fight as Democrats push forward on the elections bill they've given the symbolically meaningful number of S. 1.

— Former Trump officials to defend Jan. 6 actions at congressional hearing: Former acting Defense Secretary Christopher Miller and former acting Attorney General Jeffrey Rosen will defend their actions and how their departments tried to protect the U.S. Capitol during the Jan. 6 insurrection, according to prepared testimony obtained by POLITICO ahead of a congressional hearing on Wednesday.

— Stefanik faces first House conservative foe in her push to replace Cheney: Rep. Chip Roy (R-Texas), a member of the ultra-conservative House Freedom Caucus, sent a memo to every Republican office in the chamber arguing that Elise Stefanik should not be serving in leadership. But Roy hardly embraced Liz Cheney's continued presence atop the conference, also asserting that the Wyoming Republican no longer deserves to be conference chair.

— States won't get J & J vaccines: States won't receive any doses of Johnson & Johnson's vaccine next week, the latest sign of how production problems are hurting output of the single-dose shot , according to four sources with knowledge. White House officials told governors on a private call today that new supply of the J&J shot wasn't immediately available for ordering, POLITICO has learned. It wasn't clear whether the federal government would ship out J&J doses through federal distribution channels, such as those for pharmacy chains and community health centers.

— Poll: Opposition to Newsom recall grows: A growing number of Californians oppose the forthcoming recall of Gavin Newsom, according to a survey released this morning, a boost for the sitting governor who has suffered a series of political blows over the past year. Roughly 49 percent said they were against removing Newsom, a tick higher than the 45 percent who responded similarly in January.

 

JOIN THURSDAY FOR A CONVERSATION ON TRANSGENDER POLITICIANS: More transgender people got elected to office at all levels across the country in 2020, in both blue and red states – and that number is likely to continue to grow. During the last year, constituents across America elected six transgender candidates at the state level as transgender rights gain more attention across the country. Join POLITICO Nightly: Daytime Edition for a conversation featuring transgender elected officials as they discuss their experiences running for and serving in public office. REGISTER HERE.

 
 
AROUND THE WORLD

A missile strikes during an Israeli raid on eit Hanoun City in Gaza.

A missile strikes during an Israeli raid on Beit Hanoun City in Gaza. | Getty Images

ANOTHER ESCALATION IN ISRAEL, GAZA A confrontation between Israel and Hamas sparked by weeks of tensions in contested Jerusalem escalated today as Israel unleashed new airstrikes on Gaza while militants barraged Israel with hundreds of rockets. The exchange killed a number of militants and civilians in Gaza and at least three people in Israel.

The barrage of rockets from the Gaza Strip and airstrikes into the territory continued almost nonstop throughout the day, in what appeared to be some of the most intense fighting between Israel and Hamas since their 2014 war. The fire was so relentless that Israel's Iron Dome rocket-defense system seemed to be overwhelmed. Columns of smoke rose from many places in Gaza.

By late today, the violence extended to Tel Aviv, which came under fire from a barrage of rockets launched from the Gaza Strip. A 50-year-old woman was killed. The outgoing volleys set off air raid sirens across the city, and the main international airport closed temporarily.

Nightly Number

150,000

The number of Johnson & Johnson vaccines administered in the last 24 hours, according to White House Covid data director Cyrus Shahpar. It is the highest daily total of J&J vaccines since April 15.

Parting Words

UNSOLICITED ADVICE FOR THE POST'S NEW EDITORTaking the top editor job at the Washington Post in the summer of 2021 is somewhat akin to stepping in as the manager of the 1928 New York Yankees , senior media writer Jack Shafer writes. Sally Buzbee has inherited a paper spinning with so much positive momentum and cred that you needn't do much in the short term but activate the cruise control, tap the brakes to negotiate corners and avoid scraping the guardrails to be considered a success.

Under Jeff Bezos and Marty Baron, the Washington Post retreated from its Graham-era position as a local paper that did national and international news to a national and international newspaper that still does some local news. Bezos may have never said he wanted his Post to be more like the New York Times, which stopped pretending to be very local in the early 1980s as it began printing a national edition, but that's been the outcome. As you know, the abandonment of local news made business sense because, to use the tech term-of-art, local news doesn't "scale," i.e., it doesn't interest readers living outside the publication's local footprint.

Bezos hates being No. 2 at anything, so if you're to challenge or displace the Times, you're going to need a bigger newspaper. The Washington Post will soon have about 1,010 newsroom employees versus the New York Times' 1,700. That's not a fair fight. Your 10-year plan must include a strategy to reach newsroom parity with the competition or to come up with a plausible explanation why the Post doesn't need as many bodies to make its arts, magazine, business, books, travel, culture and fashion coverage the equal of the Times. (Please don't say the Post will do more with less.) Make it your first priority to shake some of those Bezosbucks loose. If Bezos can afford a $500 million superyacht, he can afford a Times-sized newsroom. When Bezos bought the Post, he talked of providing the paper with a long "runway," and he did. Now you need to convince him to put some jumbo jets on it and let them take flight.

Did someone forward this email to you? Sign up here.

 

Follow us on Twitter

Renuka Rayasam @renurayasam

Chris Suellentrop @suellentrop

Tyler Weyant @tweyant

Myah Ward @myahward

 

Follow us

Follow us on Facebook Follow us on Twitter Follow us on Instagram Listen on Apple Podcast
 

To change your alert settings, please log in at https://www.politico.com/_login?base=https%3A%2F%2Fwww.politico.com/settings

This email was sent to edwardlorilla1986.paxforex@blogger.com by: POLITICO, LLC 1000 Wilson Blvd. Arlington, VA, 22209, USA

Please click here and follow the steps to unsubscribe.

No comments:

Post a Comment

Your Weekly Recommended Reads

Powered by AI, personalised for you Catch up on key news and analysis from the week gone by with The Business of Fashion's My...