Colonial Pipeline hack shows US cybersecurity vulnerabilities

Tom Bossert, a former Trump security advisor, discusses how the ransomware attack on the nation's top fuel pipeline network exposes weaknesses of critical infrastructure to new threats.
3:14 | 05/12/21

Coming up in the next {{countdown}} {{countdownlbl}}

Coming up next:

{{nextVideo.title}}

{{nextVideo.description}}

Skip to this video now

Now Playing:

{{currentVideo.title}}

Comments
Related Extras
Related Videos
Video Transcript
Transcript for Colonial Pipeline hack shows US cybersecurity vulnerabilities
More on this from Tom Bossert, homeland security adviser in the trump white house. Tom, thanks for joining us again. Boy, everything we saw in gio's piece brings home how vulnerable we are to these cyberatacks. Good morning, George. It's always difficult to see this, but it's not new and it's not unpredictable. We've seen these vulnerabilities in a macro sense play out around the world and across the country at an alarmingly faster pace. At this point the group suspected to be behind this has at least 40 victims in its wake and they've really only been in operation a few years. This attack isn't all that sophisticated. Yeah, you know, we don't know in a micro sense which vulnerabilities were exploited or which techniques were used against colonial pipeline. The team is working on figuring out what is happening but we know what this group has done in the past and their techniques are known to the community. There might be a certification Microsoft problem here at play. We don't yet know. We believe they're based in Russia. Any connection to the Russian government? You know, a lot of this is a cyberproblem. But a lot of it, a lot of it is a foreign policy problem. We've seen this pattern play out in Russia where they sometimes conduct attacks with these criminal front group, sometimes they abet them in the background, and other times they simply ignore them and tacitly approve of their behavior. One thing noteworthy of darkside they have not conducted any attacks against Russian entities, only against English speaking western countries so clearly the Russians are aware of it and have some role to play and need to be held to account. I was struck by something one of your colleagues, Chris Krebs, said to "The Wall Street journal." We're on the cusp of a pandemic in an ever widening criminal enterprise. This scale is huge here. The dangers are real. The dangers are real. Think about this. We've got vulnerabilities in all of our systems and we've got interdependency among all pipeline providers, energy companies and critical infrastructure operators, it's not just the price at the pump and airlines suffering, but pretty soon people will realize that almost 40% of our energy supply comes from burning natural gas, so it's a big deal and it's time to hold the individuals at the keyboards accountable. There's a lot of cybersolutions and tools that we can tune to this problem and better address the techniques that they're using. That's great, but at this point I would advise president Biden to take some serious measures to make a meaningful dent in Russia's incentive system and to do that, he's going to have to thk seriously about attacking or at least sanctioning their oil supplies and their money and if he does that, I would give him some very stern advice to make sure he thinks through it so we don't get into an escalatory battle that we can't win. Holding this group is accountable is number one in my demands I think he should make. Tom, thanks very much. Thanks, George. Now to the coronavirus emergency.

This transcript has been automatically generated and may not be 100% accurate.

{"duration":"3:14","description":"Tom Bossert, a former Trump security advisor, discusses how the ransomware attack on the nation's top fuel pipeline network exposes weaknesses of critical infrastructure to new threats.","mediaType":"default","section":"ABCNews/GMA","id":"77640277","title":"Colonial Pipeline hack shows US cybersecurity vulnerabilities","url":"/GMA/News/video/colonial-pipeline-hack-shows-us-cybersecurity-vulnerabilities-77640277"}