Defense Against Cyber Attacks and Other Threats | 60 Minutes Full Episodes

Scattered Spider rel="noopener noreferrer" target="_blank">(00:00:11)

• Ransomware attacks are on the rise, with hackers targeting hospitals, pharmacies, tech companies, and even major casinos like MGM Resorts. These attacks involve encrypting critical files and demanding ransom for their release.
• A new group of hackers, known as Scattered Spider, has emerged, composed of young criminals from the US, UK, and Canada. They have partnered with Russia's notorious ransomware gang, Black Cat, creating a formidable force.
• Scattered Spider's success stems from their fluency in Western culture and their expertise in social engineering. They use deception and manipulation to gain access to company networks, as seen in the MGM Resorts attack where they impersonated an employee to reset a password. This partnership between Scattered Spider and Black Cat represents a dangerous evolution in cybercrime, combining Western social engineering skills with Russian ransomware expertise.

Shields Up rel="noopener noreferrer" target="_blank">(00:13:41)

• The US government has issued a warning about dangerous new malware that could disrupt industrial systems worldwide, following Russia's attempt to knock out power in Ukraine. The Biden administration has released intelligence indicating that the Kremlin is preparing for cyberattacks on American soil.
• The Department of Homeland Security has launched an initiative called "Shields Up" to prepare for potential Russian cyberattacks. Jen Easterly, director of the Cybersecurity and Infrastructure Security Agency (CISA), emphasizes the need to assume disruptive cyber activity and be prepared. She encourages individuals to update software and use multi-factor authentication.
• Experts warn that the energy and finance sectors are particularly vulnerable to Russian cyberattacks. Robert Lee, a former NSA hacker and co-founder of Dragos, a cybersecurity company, highlights the 2015 attack on Ukraine's power grid, where Russian hackers remotely shut down substations, causing blackouts for thousands. He emphasizes that Russia has demonstrated the capability and willingness to carry out such attacks.
• Lee also points to the 2017 attack on Saudi Arabia's Petro Rabigh oil refinery, where hackers implanted malware known as Triton, designed to target safety systems and potentially cause explosions and release toxic chemicals. This attack was the first known instance of a cyberattack explicitly designed to kill people.
• The US Justice Department has unsealed indictments against Russian hackers involved in these attacks. Deputy Attorney General Lisa Monaco emphasizes the need to be vigilant and warns that Russian state actors are actively scanning and probing for vulnerabilities in critical infrastructure and businesses.
• The US has taken preemptive action against Russian hackers, removing malware and locking down systems. However, experts believe that Russia will likely retaliate with cyberattacks as a response to the economic sanctions imposed for the invasion of Ukraine.
• Dimitri Alperovich, co-founder of CrowdStrike, suggests that Russia may be holding back on a full-scale cyberattack in hopes of negotiating an end to sanctions. However, he believes that Russia will eventually resort to cyberattacks as a means of retaliation.
• Experts argue that the US needs to demonstrate its cyber capabilities to deter future attacks. They suggest that a cyber operation, such as temporarily disconnecting Russia from the internet, could effectively communicate the US's ability to respond.

The Grid rel="noopener noreferrer" target="_blank">(00:27:01)

• The North American electric grid is a critical part of our infrastructure, but it is vulnerable to various threats, including severe weather, cyberattacks, and physical assaults. The grid is a complex system of public and privately owned infrastructure, much of which is outdated and lacks adequate security measures.
• A 2013 attack on a PG&E substation in California highlighted the vulnerability of the grid to physical attacks. The attackers, who remain unidentified, targeted high-voltage transformers, causing significant damage and disrupting power for weeks. This incident demonstrated the potential for cascading blackouts, where the failure of one substation can trigger a chain reaction across the grid.
• A study commissioned by the Federal Energy Regulatory Commission (FERC) found that a relatively small number of attacks on critical substations could cause a nationwide blackout. The report, which was leaked to the Wall Street Journal, concluded that just nine substations could be enough to cripple the entire US grid. This finding has raised serious concerns about the grid's vulnerability to both physical and cyber threats.

The Five Eyes rel="noopener noreferrer" target="_blank">(00:40:19)

• The Five Eyes Alliance, comprised of the intelligence agencies of the United States, United Kingdom, Canada, Australia, and New Zealand, has publicly acknowledged China as the greatest espionage threat to democracy. This alliance, formed after World War II, has never before appeared together in an interview. They are alarmed by China's unprecedented theft of intellectual property, trade secrets, and personal data, which they claim is happening on a scale never seen before in human history.
• The Five Eyes are concerned about China's efforts to steal technology secrets from companies in the United States and its allies. They cite examples of Chinese companies acquiring land and building plants near US military bases, as well as Chinese agents attempting to discredit political candidates critical of the Chinese government. They also highlight the use of professional networking sites to target individuals with security clearance or working in sensitive technology fields.
• The Five Eyes are calling on companies operating at the cutting edge of technology to be aware of the geopolitical implications of their work. They argue that China's actions pose a threat to American jobs, families, and livelihoods, and that companies should be proactive in protecting their intellectual property. They also emphasize the importance of collaboration between governments and the private sector to combat this threat.