On Sunday, Alexander said hacks from the two countries are "more blatant than" any he's ever seen during his "whole career." The former NSA boss said President Joe Biden's March 12 executive order, which was intended to support the country's response to cyberattacks through coordination with the private sector, is a step in the right direction, adding that more needs to be done.
“Both Russia and China are challenging us in this space, and it’s shown that we’re not ready," he told ABC's Martha Raddatz. "I think the executive order has some part of it, [but] we have to go faster. In my experience, the private sector is ready, they’re pushing forward.”
U.S. weak spots were exposed both during the Russian SolarWinds Hack last year and the Colonial Pipeline breach earlier in the month, which disturbed the country's supply of gasoline and created widespread shortages down the East Coast.
“And the Colonial Pipeline, even though they claim that it was from hackers, I believe they’re associated somehow. They’re sending a message, and they’re doing it blatantly, and they’re going after our intelligence system, and they’re saying, ‘We can do this.’ We’ve got to fix it.”
Biden forced harsh sanctions on Russia in mid-April in revenge for the SolarWinds hack, which compromised several federal government data sources, and in response to data that the Kremlin interfered in both the 2016 and 2020 elections. The president is set to face Russian President Vladimir Putin next month.
“The Russian hackers are clearly after gaining intelligence on our country, on what the administration is doing, what President Biden is thinking and what’s coming up against Russia as they prepare for the upcoming talks between President Biden and Putin," Alexander said.
In response to the Colonial Pipeline shutdown, Homeland Security Secretary Alejandro Mayorkas executed a slew of new contracts for pipeline executives on Thursday. DHS, alongside the Transportation Security Administration, will need pipeline owners and operators to report both confirmed and potential security breaches to DHS's Cybersecurity and Infrastructure Security Agency.
Oil infrastructure executives must "designate a Cybersecurity Coordinator, to be available 24 hours a day, seven days a week" and review methods to recognize gaps. Executives have also been told to offer cybersecurity reports to CISA and the TSA within 30 days.
“The cybersecurity landscape is constantly evolving and we must adapt to address new and emerging threats,” Mayorkas said in a statement at the time. “The recent ransomware attack on a major petroleum pipeline demonstrates that the cybersecurity of pipeline systems is critical to our homeland security. DHS will continue to work closely with our private sector partners to support their operations and increase the resilience of our nation’s critical infrastructure."