Unlike Russia, which didn’t mount the cyber-attacks against U.S. and allied critical infrastructure that the West had feared when that country invaded Ukraine a year ago, China is unlikely to be so cautious, a senior Department of Homeland Security official warned on Monday.
This is a lesson that China is learning from that invasion, Jen Easterly, director of the Cybersecurity and Infrastructure Security Agency (CISA), said after an address at Carnegie Mellon Univ. in Pittsburgh.
“I think they’ve seen that Russia, probably for fear of escalation, held off on going after our critical infrastructure,” Easterly said during a moderated discussion following her speech. “And I think in the event that they go after Taiwan, they’re going to want to make sure that they affect the unity that has been forged between the U.S. and our international partners, the unity that’s been forged within the U.S. by creating things like panic and chaos.”
She cited the ransomware attack in May 2021 against East Coast gas pipeline operator Colonial Pipeline as an example of panic and chaos that can ensue as a result of a cyber-attack. In that incident, the company temporarily shut down operations out of an abundance of caution to ensure a virus on its information technology systems hadn’t also infected its industrial controls. The shutdown led to gas shortages in some areas of the eastern U.S.
“And so frankly, I think that they’ll be less restrained because they’re already costing in attacks against our critical infrastructure that’ll help them essentially by affecting the will of the American people to support military maneuvers,” Easterly said of the lessons China is learning from the ongoing war in Ukraine.
Cybersecurity lessons that the U.S. can draw from Russia’s war against Ukraine include the importance of defenses and the importance of strong partnerships between the public and private sectors, she said.
Following Russia’s invasion of Ukraine’s Crimea in 2014, coupled with sustained cyber-attacks since then, the Ukrainians “built up their defenses” and have “gotten better and better at withstanding those attacks, along with support from international partners and from private industry,” she said.
So, “defense really, really matters,” Easterly said. This means “continue to build safety and security and resilience,” she added.
The other lesson is “the value of just turbocharging partnership,” Easterly said. This has been accomplished through a more “real-time, much more vibrant, much more transparent” partnership between government and the private sector and is embodied in the Joint Cyber Defense Collaborative (JCDC), she said.
The JCDC is how CISA operationalizes its collaboration with industry around cybersecurity.
Following Russia’s invasion of Ukraine, CISA initiated its “Shields Up” campaign to work with owners and operators of U.S. critical infrastructures and to raise awareness among citizens of potential Russian cyber-attacks against U.S. targets. Easterly said “Shields Up really needs to be the new normal” given threats from Russia, China, Iran and North Korea.