Transcript: Chris Krebs on "Face the Nation," February 20, 2022
The following is a transcript of an interview with CBS News cybersecurity expert and analyst Chris Krebs that aired Sunday, February 20, 2022, on "Face the Nation."
MARGARET BRENNAN: U.S. intelligence officials said Friday that Russia was behind this past week's cyber-attacks in Ukraine that knocked banks and government websites offline. Now, there's a warning that American companies need to be on alert. For more, we go to CBS News cybersecurity expert and analyst Chris Krebs. Good morning to you.
CBS NEWS CYBERSECURITY EXPERT AND ANALYST CHRIS KREBS: Morning, MARGARET.
MARGARET BRENNAN: CBS reported that the Treasury Department actually sat down with some corporate leaders, including from JPMorgan, from Citigroup, some of the country's largest financial institutions. What do you see as the most immediate threat here in the U.S. from a cyber-attack that happens, you know, in a country 5,000 miles away?
KREBS: Well, the U.S. government has been meeting with critical infrastructure partners now for many months, so it hasn't just been last couple of weeks, as I understand it's going back as far as November or even earlier specific to the escalation of tensions here. What they've done is look back over the last several years of where Russian security services and cyber actors have targeted U.S. infrastructure, and that's energy, that's transportation, logistics and, of course, finance. And they're also combining it through a series of war games and scenario playing- scenarios playing out how the Russians may respond to any sanctions we could impose. And that's, I think, where we get to the financial services industry. And so that's probably at the top of the list as you consider some of the sanctions we've talked about. And that would be probably the- the counter move by the Kremlin and some of those security services.
MARGARET BRENNAN: So, two sort of distinct threats. One, unintended consequences of spillover, and the other if Russia decides to target the United States. What exactly is the cyber doctrine of the Biden administration? Do you know?
KREBS: Well, I think- I think that's unclear. I think it's probably a continuation of the prior administration where we enabled the Cyber Command actors and some of those other operators to go out over there under the defend forward and persistent engagement philosophy to get into the networks of our adversaries to understand where they are, where they're going and to put sand in their gear, so to speak, and add friction to their operations so they're too busy cleaning up their mess over there rather than- than coming here. And I think we're seeing a bit of that forward- defend forward mission manifesting in some of the recent disclosures.
MARGARET BRENNAN: The White House briefed on this Friday, and the cyber director said that while there's no credible threat at this exact moment, if the U.S. is hit, we are prepared to respond. The president himself said if American companies are hit, we will respond. What does the response look like? Would we even know it happened?
KREBS: That's- I think that's a great question of whether it would be an overt or covert, and it's not necessarily that it would be cyber for cyber, so to speak. You may see economic measures; you may see diplomatic measures in response to any sort of cyber activity against U.S. infrastructure. But at a minimum, what I would expect is, again, targeting of the systems, the infrastructure that the Russian operators use to conduct their attacks and make it so that they cannot do a follow up attack using that- that same known infrastructure.
MARGARET BRENNAN: How, you know, more broadly in terms of the strategy of the Biden administration, what do you think of their decision to declassify this cyber-attack, which they did pretty darn quickly and some of the other intelligence that they've picked up?
KREBS: Well, first, I think it's- it's worth pointing out that, as I mentioned earlier, they- they've had a fairly forward leaning engagement effort with infrastructure partners, with industry to protect domestic systems here at home. As recently as last Saturday, CISA, the agency that I led in the last administration released their Shields Up campaign, which provides resources to protect systems here in the U.S. But more importantly, and I say this is a former counteractive measures aficionado in the government, I've been really impressed with how they have proactively called out the bad activity, the malign activity of the Russian government to again delay some of their efforts. I mean, this is a rapid declassification that in years past, particularly on cyber activities, has taken months, if not a year or more. We're seeing it happen in a matter of hours. And it's it's- it's a dedicated effort, it's purposeful and it's- I hope we see more of it in the future.
MARGARET BRENNAN: How would you assess NATO's ability to respond to a cyber-attack? You heard Secretary Blinken say, you know, it is something that will be addressed. What would NATO do? Do they even have a plan?
KREBS: Well, NATO has capabilities, and they've- they've declared that cyber falls under the- cyber-attack, rather, on a member would fall under the Article Five provisions that would enable them as a- NATO as a team to respond to an attack on a NATO member. But it's not clear what that looks like just in practice, at least just yet. The language in Article Five is- is about restoring stability and restoring security, as well as just the threshold matter of an attack would have to be intentional and dedicated, likely on a NATO member. So, at this point, not Ukraine, but instead perhaps Poland, the U.S. or anyone else. But in the meantime, NATO can provide support teams for defensive purposes, and the U.S. has been supporting Ukrainian cyber- cyber efforts for quite some time to help bolster those networks, as you just heard the ambassador talk about some of the focus that they've had improving their cybersecurity.
MARGARET BRENNAN: All right. Chris Krebs, thank you for the warning to be on alert. Appreciate your time today.
