EXCLUSIVE: Republican Sen. Marsha Blackburn said the attack that forced the shutdown of Colonial Pipeline networks should be a wake up call to federal officials, warning that “cyber is a big part of 21st century warfare,” while proposing a number of measures to strengthen and protect U.S. critical infrastructure.
The FBI on Monday said the ransomware gang known as “Darkside” was the group responsible for the attack over the weekend that forced the shutdown of the Colonial Pipeline networks responsible for carrying gasoline from Texas to the Northeast.
FBI NAMES ‘DARKSIDE’ AS COLONIAL PIPELINE ATTACKER
“One of the things that is disappointing to me, whether it is a hack on a federal agency, or this attack on our critical infrastructure— we still have individuals who have thought, well this doesn’t happen that often so we don’t need to be that worried about it,” Blackburn, R-Tenn., told Fox News Tuesday.
“We have an axis of evil,” Blackburn told Fox News, pointing to “Russia, China, Iran and North Korea.”
“We need to know that whether it is Darkside, or someone else, that we need to be on our A game when it comes to prohibiting these hacks and realize that malware is out there and seeded in some of these networks,” Blackburn said, underscoring the important of providing “more resources for our critical infrastructure.”
“We have adversaries,” Blackburn warned. “They do not wish us well, and cyber is a big part of 21st century warfare.”
She added: “The sooner we admit it, the sooner we recognize it, the sooner we are serious about protecting ourselves from it, the more secure our nation is going to be.”
Blackburn, last year, as part of the National Defense Authorization Act, created a pilot program to develop and expand the National Guard’s cybersecurity technical assistance.
COLONIAL PIPELINE CYBERATTACKER ‘DARKSIDE’: WHAT TO KNOW
The program, which is in the process of being rolled out, allows the National Guard to provide “rapid, remote response for cyber assistance” to state and local governments, along with critical infrastructure entities, like Colonial Pipeline, when they are hit with cyber attacks.
One pilot program is currently being launched in Tennessee, and is working in coordination with U.S. Cyber Command, Blackburn told Fox News.
“With this, we can recruit individuals that have this skill set, that work in cyber as part of their day job, but they want to serve their country, and they can bring these skills to bare,” Blackburn explained.
“This is unique—it is a different concept,” Blackburn said, adding that the Guard would be able to provide “rapid, remote response.”
“Because when a cyber attack happens, what we know is you cannot lose time,” she said. “Time is precious when it comes to assessing the situation, getting your arms around it, and being able to remediate that situation.”
Blackburn said that the pilot program authorizes, trains and funds the National Guard so that they “can have the ability to do the proper response in the wake of cyber attacks.”
Blackburn said that the program is being rolled out in Tennessee to a point so that it can be “functional in other areas of the country.”
But as for preventing a cyber attack altogether, Blackburn said the key is “understanding how they are executing a hack.”
“This is where you have to have cross-agency cooperation,” Blackburn said, noting that the FBI was “first in line” in investigating the attack on Colonial Pipeline. “We need to work on structuring and restructuring some of that information sharing.”
Blackburn also said that it is critical to recognize that there are “hostile cyber actors,” and make “certain that you are using hardware and software that is reliable.”
BLACKBURN WARNS BIDEN ADMINISTRATION CHINA ‘IS OUR ADVERSARY,’ THREATENS SUPPLY CHAIN
“This is why we continue to say that you cannot use Huawei, because we know that Huawei embeds malware into their hardware, and you do not know it is in there until it activates itself,” she explained. “And at that point, it is too late.”
Meanwhile, Blackburn detailed the Civilian Cyber Securoity Reserve Act—a bipartisan, bicameral piece of legislation she and Sen. Jacky Rosen, D-Nev., rolled out last week.
The bill would establish a pilot Civilian Cybersecurity Reserve program to provide the U.S. Department of Defense and the U.S. Department of Homeland Security with cybersecurity-trained civilian personnel, with prior federal government or uniformed service experience, to ensure the government has the talent needed to address cyber vulnerabilities.
“This would ensure we’ve got the hands on deck that we are going to need to address some of these vulnerabilities,” Blackburn explained, noting that the Government Accountability Office (GAO) “has consistently identified shortages of cyber security personnel in different agencies.”
“What we need to do is have this cyber response force that is able to jump in when there is a hack, and also to be educating and helping these different divisions to shore up their protections so that they are more resistant to cyber attacks,” Blackburn said.
Meanwhile, as for Colonial Pipeline, a senior Department of Justice source told Fox News that the investigation into the attack is ongoing due to the involvement of ransomware, labeling the sophistication of the tools involved “very high.”
Darkside announced its existence in August 2020, and claims it does not attack medical, educational or government targets – only large corporations – and that it donates a portion of what it takes to charity.
The group will harvest data from a victim’s server, then encrypt it and request a ransom. The group then will upload the data to a leak website on the dark web, which will publish should it not receive the ransom, risking sensitive data loss for any victim organization.
Darkside has advertised stolen documents from more than 80 companies across the U.S. and Europe on its website.
Colonial Pipeline, in a statement Monday, said they are dedicating resources to “restoring pipeline operations quickly and safely.”