Video: Sen. Warner Comments on Colonial Pipeline “Ransomware” Attack, Says “imagine you had somebody shutting down 18,000 companies across our economy, we would come to a grinding halt”

This morning, Sen. Mark Warner appeared on CNBC and MSNBC to discuss the cyber/”ransomware” attack on the Colonial Pipeline. According to Sen. Warner, this attack was just against one pipeline, but “imagine you had somebody shutting down 18,000 companies across our economy, we would come to a grinding halt.” Sen. Warner added, “Cyber is always kind of a boring item – until it hits home…If you combine the pipeline ransomware with the 18,000 supply chain attacks that took place, you’ve got a potential disaster.”  Which means, in Sen. Warner’s view, “cyber security needs to be a higher priority for all of us.”

Sen. Mark Warner: “I know that we are seeing gas lines in Northern Virginia starting last night. I know this is a ransomware attack. And it shows that when a criminal element – we do believe this is criminal rather than a nation state – goes against any individual company, no matter how good they are, you can’t be perfect all the time. My concern is this; we see the effect of this ransomware attack against one pipeline. We saw…end of last year, the SolarWinds attack which was generated by Russia…Let’s imagine what happened if they were combined; imagine you had somebody shutting down 18,000 companies across our economy, we would come to a grinding halt.”

And we have no actual system in place to make – whether it’s Colonial Pipeline, Solar Winds, any other company actually – mandatorily report that information to the government in real time so that we could have a full-fledged response. We need to put together an entity that would include the government, the FBI, CISA…also some of the web services, Amazon, Microsoft…security firms…we need a real time reaction team and unfortunately we don’t have that right now…Cyber is always kind of a boring item – until it hits home…If you combine the pipeline ransomware with the 18,000 supply chain attacks that took place, you’ve got a potential disaster.”

“We’ve got those models in place – the national transportation safety board, there are early warning systems in the financial system. We would provide that company with a limited immunity, we’d keep that information confidential. We have treated cyber unfortunately as an afterthought for a long, long time, and as you pointed out, the number of companies that are getting hit on a regular basis with ransomware attacks and quietly paying in Bitcoin or other cryptocurrencies, I think would shock most folks in business. We are potentially seeing now this — cyber criminals get better, the nation states like Russia and China get more exquisite on their uses. And yes, there are things we can all do with better cyber hygiene. But a talented first-tier adversary against virtually any private sector company, I’m going to probably count that the first-tier adversary is going to get the company’s defenses.”

Five or six years ago we created a voluntary sharing of information with a limited liability protection. We are saying, and I think most companies now, even some of the major business organizations, now realize we need some mandatory level of reporting. So… what we’re talking about, is immunity to give it to…a quick response team. The company still has an obligation to the SEC on a breach notification. That is a separate question and issue. We need to make sure we’re able to put out these fires real time and not have as we did in the SolarWinds or Microsoft hack, the bad guys inside our systems for literally months without knowing. Or in the case of the pipeline, this was, again, more of a one-off ransomware, but this same criminal group coming out of Russia could potentially have used similar exploits to attack a variety of systems. And the sooner we know that, the better we can respond.”