On July 8th, 2020, George Cotter, a veteran cryptologist and former Chief Information Officer of the National Security Agency, joined the Center’s Director of Infrastructure, Tommy Waller, to discuss the cyber threat landscape facing America’s critical infrastructures – a topic Mr. Cotter characterized as “ominous with respect to anything of value to this country: critical infrastructures, our elections, and our grid.”
Initially, Mr. Cotter provided an overview of Russia’s cyberwarfare structure, explaining that the threat is led from the very top of the Federation, by Vladimir Putin, and comprises two main organizations (the GRU, an element of the Ministry of Defense, and the FSB, the remnants of the KGB) and a third “trolling organization” (the IRA), which especially targets websites and social media platforms to support Federation interests.
Mr. Cotter then discussed the history of Russia’s targeting of elections. He speculated that Vladimir Putin began his focus on this vector in the wake of the 2012 elections, but that the effort began with a “reconnaissance” of American electric grid infrastructure. They first targeted three U.S. product vendors which control about 90% of the market for industrial control systems (ICSs, the types of devices which keep our grid infrastructure running). Using the access they gained to these ICSs, they further penetrated the U.S. electric grid in 2013 and 2014 (where their malware likely still remains to this day).
Mr. Waller and Mr. Cotter agreed that this initial focus on the electric grid had a purpose: a “preparation of the battlefield” that gives the Russian Federation options for kinetic cyberwarfare to use at a time of its choosing. Mr. Cotter lamented that “to this day the penetration of the grid, at least at the U.S. Federal level, has never been connected to the elections.”
Throughout this must-watch webinar, Mr. Cotter detailed how the Russian Federation operated, whom it employed to attack these important American infrastructures, and how the U.S. Government has responded to date. The program highlighted the benefits of the nation adopting a cyber deterrence policy, which was recommended by the Defense Science Board in 2017 and the Cyberspace Solarium Commission (CSC) in 2020. Mr. Cotter detailed how cyber deterrence was used successfully by the United States in 2018 to prevent election interference – the result of Cotter’s own work to inform then-National Security Advisor John Bolton.
With respect to deterrence, Mr. Waller and Mr. Cotter also detailed how important it is “to keep the lights on” for America’s offensive cyber capabilities – necessitating the defense of the electric grid, which thus far has not been adequately protected because of the worrisome pattern of “security through obscurity” adopted by the utility industry and its federal regulators.
As America approaches the 2020 presidential election, Mr. Cotter shared his personal belief that the Russian Federation will not attempt to go into the state election systems but rather try to influence the voter process itself by “exploiting the substantial cultural, race and religious and other things that have now become the center point for discussions of the differences between the two parties, and that is playing right into the hands of the Federation because they can do that with disinformation, by making it look like any such effort is coming from anyone but them.”
Mr. Cotter’s predictions are reinforced by a 2018 Wired Magazine story which points to a report commissioned by the Senate Intelligence Committee which found that “the IRA used every major social media platform to target voters before and after the 2016 election” and “researchers found that, in fact, of the 1,100 total [IRA inspired] YouTube videos they discovered, 1,063 focused on police brutality and Black Lives Matter, 571 of which had keywords related to police and police brutality.”
Ultimately, Mr. Cotter and Mr. Waller agreed that America must awaken to the fact that we are in the middle of cyberwarfare, and that we must rapidly adopt a national cyber deterrence policy and secure the electric grid assets necessary for the defense of the nation. Those interested in helping with this effort can do so by getting involved at www.SecureTheGrid.com.