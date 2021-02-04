Recent events — Donald Trump’s failed insurrection on Jan. 6, his pathetic departure from the White House, the upcoming Senate trial for his second impeachment, and the specter of security challenges from home-grown fascists — worry not only Americans but citizens of the entire world. The lasting damage he inflicted on the institutions and security of the United States will take a long time to assess.
Our compromised cybersecurity is one area where assessment is overdue. Given the gravity of the situation, President Joe Biden included $10 billion for cybersecurity and information technology in his proposed COVID-19 bill on the second day of his presidency. He is also assembling a team of experienced professionals to fend off future attacks on IT networks and to mitigate damage already caused by Russian operators. News of the long-hidden SolarWinds cyberattack on America was first reported in December.
After weeks of silence from our normally expressive “stable genius,” former President Trump’s conclusion regarding the vast cyberattack was not one of robust deliberation. He instead focused on pointing at China (not Russia) as the potential source of the hack. Trump’s own allies (including former Secretary of State Pompeo and U.S. Sen. Marco Rubio, R-Fla.) and the U.S. intelligence community had already agreed that Russia is the likely perpetrator.
Trump’s failure to actively support and strengthen the Cybersecurity and Infrastructure Security Agency, his arbitrary firing of its director, Chris Krebs, his earlier downsizing the cyberissues unit in the Department of State, his uncharacteristic dearth of tweeting following the 2020 attack’s discovery, and his clumsy and perplexing attempt to preemptively exonerate Russia did not inspire confidence.
Instead, Trump inspired déjà vu, and a suspicion that he was stuck in what programmers call an infinite loop. He also blamed “fake news” for exaggerating the severity of this attack, all while feebly reassuring the country that everything is under control.
The attack was real. Beginning in March 2020, Cozy Bear, a group linked to Russian intelligence agencies — the same group that perpetrated the 2015-2016 DNC hack, as confirmed by the U.S. intelligence community — maliciously compromised a software update for a network monitoring solution administered by SolarWinds, an American company. This gave the perpetrators unprecedented access to the IT systems for a huge range of SolarWinds customers, including various U.S. government agencies and corporations, which to date include the Pentagon, the departments of Homeland Security, Commerce, and Energy, as well as Microsoft. As the full extent of the damage is still undetermined, this list could very well expand to include the National Institutes of Health, and the departments of State and Treasury, with catastrophic consequences. The hackers were able to access confidential and classified information — information potentially sufficient to shut down power grids and wipe out bank accounts — and were able to corrupt information transmission and subvert the operations of the affected organizations.
The situation was grave enough that National Security Advisor Robert O’Brien abruptly flew back to Washington, D.C., cutting an overseas trip short, and CISA issued an emergency directive Dec. 13 to ensure appropriate measures were being taken against the cyber assault. Beyond that, the response of the Trump administration has been tepid. Russia denied its involvement, which Pompeo took at face value until he was confronted with bipartisan queries from senators Romney, Durbin, and Blumenthal. Trump, who appeared to spend most of his waking hours on Twitter and cable TV, stayed quiet on the issue, devoting time instead to rave about losing the election. It’s just another example of Trump chickening out wherever Putin is involved.
In stark contrast, Biden assured the public right away that his administration would treat this situation as a top priority, and seems to be following through so far. He has hopefully recognized that Trump’s actions — and inaction — were assets to Russia’s long-term goals. As Trump cried “wolf” at a host of imaginary predators, real predators now have access to data of crucial U.S. government agencies and strategically important corporations.
Mostofa Sarwar is a dean at Delgado Community College in New Orleans with a background in geophysics and computing.