3 Burst results for "Chertoff Group"
"chertoff group" Discussed on Bloomberg Radio New York
"David Weston President Biden is about to announce a series of steps the government is taking to maximize protections against the spread of the over crown variant including efforts at the border to keep the virus out of the country wherever we can We welcome back now Michael chertoff he's former secretary of Homeland Security He is cofounder of the chertoff group So Michael thank you so much for being back with us I mean you had responsibility for that border security Give us a sense of the responsibility we're putting on the shoulders of people like at TSA and for that matter on our border with Mexico or border with Canada Well I mean I think that obviously there's going to be a new set of requirements I think at least discuss the possibility requiring testing within a day before you come into the United States I think be sure to check in at the border in terms of whether people have a randomized testing or temperature or things of that sort So there will be an operational change that will have to go into effect Now this has happened before and we've dealt with it But it forced a little bit of a shakedown that's required to get everybody up to speed on new protocols to make sure they're properly equipped And of course if the land borders you get a lot of pressure because there you've got a huge volume of people and that means you've got a lot of additional folks you have to test or evaluate Well talk about the landlord just for a moment Michael because we do hear I've heard on this program several times and I must say often it's from Republican lawmakers saying part of the problem with the pandemic actually is that border with Mexico There's a fair amount of disease coming across the border Do we know if that's true I don't really know that that's true I mean it reminds me of people saying that oh the border of Mexico is in vehicle or an avenue for a lot of terrorists which turned out not to be true In fact if we've gotten terrorists coming their first land border it is typically been from Canada not So I think that gets swept up in politics I don't think there's a particularly high level of disease coming from Mexico But again you know you have to look at all the borders landscape and air if you're going to take a comprehensive approach So Michael we're going to the holiday season Obviously unfortunately we're going to be focused once again on COVID and particularly as overcome variant But give us a sense of what other security risks that might be heightened during this holiday season One of the risks which will continue in terms of cybersecurity as more of a Civil War remotely we've been using our devices on the network Many of those devices are not particularly well protected And he's become avenues for people to engage in cyberattacks But beyond that we've seen a dramatic increase in ransomware we've seen a tax on healthcare systems Colonial Pipeline other kinds of critical infrastructure and I have every reason to believe that may continue And that's going to require a strategic change in terms of how we look at cybersecurity both from the government and from the private sector I know the government now is focusing on upping the game in terms of defending critical infrastructure And I expect with in very short order we're going to see some additional new steps taken to make sure we are protecting ourselves against not only criminal groups but frankly geopolitical adversaries like Russia and Iran And we had that spate of incidents including pipelines and things like that A lot of ransomware attacks They seem to have died down a good deal Is that because we're doing a better job I don't think that you dive down frankly I think maybe they paused a little bit We are doing somewhat of a better job I know the TSA for example put out rules with respect to pipelines that increase their cybersecurity capabilities But I wouldn't count on this coming away And in fact there was a story reported recently in the news about the Iranians attacking their major healthcare system in Israel So this is going to be with us for some time And particularly as matters heat up with Russia and Ukraine we may wind up hearing some affects of that in terms of cyber disruption aimed at distracting the United States from being too engaged in what's going on in Europe Mister secretary tickets back into your old job for a moment because there are various instance we had that terrible incident with the walker shook holiday parade with the motorists who drove through the prey We also have all of these apparently organized smash and grab it and what you call it thieves sort of breaking into stores in Northern California At what point does that become a Homeland Security issue rather than simply a local law enforcement issue Well I think certainly if you're dealing with an organized group particularly when it's motivated by terrorism does become a Homeland Security issue I don't know that there was concent case was a terrorist issue sure I think it may have been somebody involved in criminal activity fleeing and trying to distract and these efforts to engage in smash and grab alluding in California against humanely criminal What I do think we see there was a phenomenon in which as someone carries out for example a series of criminal acts others watch it and they start to imitate it And this is really a challenge for social media whether these platforms are not becoming vehicles for inciting bad behavior on the part of those who watch it succeed and go well I'm going to do this too And then this we're going to need to take a closer look at how do we work with social media to make sure you're not becoming incendiary tools in promoting criminality and violence And you raise such an interesting point I mean obviously you were a lawyer youth attorney a Court of Appeals judge of the third circuit And as you know well and criminal law conspiracies are worse than individuals acting So some of this is the organization involving other people whether it's internationally in a terrorist group or homegrown Can you compare the risk of international terrorism as opposed to just homegrown terrorism that's organized Well right now we've actually done a good job over the last 20 years and protecting our country against international terrorists coming in from overseas over another part of the world And that's the data to a lot of the very fine work done by the folks in the border When you're dealing with homegrown terrorism there's no border It's right next door And I think that's why we're seeing an increase in the homegrown terrorist acts where there is a tax on religious institutions or things in schools is firing in many cases by the Internet but sometimes just generated And that's much harder to deal with because it's low profile There's usually not a lot of planning communication and the intelligence agencies are much more eliminated in their ability to examine intelligence domestically than is the case overseas because we do have certain constitutional protections And that's why the issue of homegrown terrorism violence is going to require much more engagement by local law enforcement and even by local communities who have to be willing to speak up when they see a threat rising in the neighborhood If you see something say something I guess is what that is Thank you so much mister secretary for being back with us That is Michael chertoff He's former U.S. secretary of Homeland Security and author of exploding data reclaiming our cybersecurity in the digital age Coming up.
"chertoff group" Discussed on Bloomberg Radio New York
"Banking Committee Chairman Sherrod Brown on whether vice chairman Randy Quarrels should step down at the end of his term in October. Plus I get his views on Fed policy. I think the feds concerned about inflation. Most of the Fed members think it's transitory that the pent up demand and so many things from housing to other things. It means that there will be temporary, maybe short term but not long, long term price increases. But first this week, we learned of yet another computer hack originating from Russia, this one on the Republican National Committee coming on the heels of that massive hack of Casillas software that may have hit some 1500 companies for an update on what we You know, and what could come next? I talked to Adam Aisles, head of the cyber practice at Chertoff Group. First of all, it's not surprising that we would see you know an attempt by a state actor to compromise or organization like the Republican National Committee, right. I mean, it's kind of a classic. Espionage target. You know, the news reporting focuses on SVR, You know, which is, you know, one Foreign Intelligence agency within the Russian Federation. There was reporting last week that the G R U is conducting kind of a. You know what's known as a Global brute force campaign, so So the idea that someone was trying to access the RNC, I don't think is surprising. What the What we understand in terms of actual facts is, you know there's been a comment that your NC's it vendor had potentially been compromised, but the RNC itself has said You know that No data has been accessed at least as so far as they know what's the common thread here in the comments right here is the technology supply chain. Right and what we're seeing rate you know whether we're focused on RNC or say rate is a variety of threat actors using a weaknesses in the technology supply chain. Basically stepping stones into their ultimate targets. So was that version also what we saw on solar winds going all the way back to solar winds? That was that was a supply chain issue as well. Was it not absolutely absolutely. Solar winds was essentially used as a stepping stone into you know the ultimate targets of the SVR. Um it's solar wind is slightly different than in cassia in the sense that solar winds Involved Actually, a compromise of the code, Right? You know, software code had malware inserted into it. Whereas in the case of to say, as far as we know, it appears, though, there was a vulnerability that was exploited that essentially allowed the threat actors to stand in the shoes of a legitimate user. I mean, in both cases, we're talking about the software. Being used, You know, essentially as a puppeteer by threat actors to accomplish their objectives. Explain if you could manage service providers because one thing I read suggested that part of it is the structure of the way. An entity controls a lot of different computer systems. Yeah, I mean, you know, we talk about puppeteers. We managed service providers writer commonly used across sectors to outsource the operation. Maintenance of networks of storage of Laptops, desktops and another. It functions and so in a sense, um you know they're a they're kind of a common pathway into many different companies. And they're you know they're used for efficiency for cost savings. And for greater it effectiveness purposes by large and small companies will like. Is there any way to change that structure to defend without fundamentally changing the way we get our I T services. Well, look, I think this involves looking, you know, taking a threat and form defense approach. Um, you know, both within the suppliers of technology and within the buyers of it, so from the suppliers perspective You know, as we look at Cassie and others, you know whether the kind of a hero than this is, you know, the Dutch Institute of Vulnerability Disclosure Right, which had been actually identified the vulnerability to issue and was was working with cassette to try and address it. Unfortunately, they weren't successful in dealing with it before the attack a crew but you they've they've warned, and, you know, more and more of the products. You know they're supposed to be keeping network safe and secure showing structural weaknesses. So from the supplier perspective, right? We need more focused around what is good software Lifecycle security look like From a buyer perspective. You know, we need to assume this is not stuff that changes overnight. We need to assume, you know, risk in in the technology we're buying and a player an approach that says You know what? At some point, we could have a machine that's compromised. What then? What is a defensive strategy look like that says, you know, let's work to make sure that if a machine is compromised, it doesn't you know kind of lead to a takedown of the entire network. Is there any prospect realistic prospect of trying to cut this off at the source and assuming for the moment that these did originate from Russia, and there's just been too many reports that they have for me not to believe that's the likely answer. We talked with the Russian ambassador. Antonov on balance power, and he said, Don't know what if we figure out where this comes from, will help you shut it down. We want to do this in a bilateral way. Is that sincere? Or could this be? Who was it? That said that war is the art of diplomacy by other means. Is it possible? This is a way of getting leverage in the United States for other things that Russia might want. Well, look, I'm not a Russia expert. But when I talked to colleagues of mine here that are I mean, you know, the timing here is remarkable, right? I mean, President Biden, you know, hands, you know, list of, you know, critical infrastructure sectors They're supposed to be, you know, off limits. And you know, and you know what we're seeing here right is, um you know a compromise. It's impacting shopping malls in schools and organizations that are decidedly not critical infrastructure. I don't know that there is an exact cause and effect, But I don't think that Russia is yet shedding any tears that we're seeing an impact. You know, in the United States and across our allies, So, um, you know The challenge, of course, is that threat actors even assuming that they're not directly controlled by by the Russian government, operating with level of impunity, and and something needs to change. To make that stop well and as President Biden, if not put down a red line, at least put down a marker that has to deliver on now, with President Putin. Having having delivered that message does he have to follow through? Yes, In a word. Um, because otherwise you're sending a message that we're not serious about our red lines. So what are his options right now? Well, his options would be, um, you know, certainly there have been, you know, sanctions already leveled. Um and and you know those those you know, continue to be there. Um, Beyond that you have on offensive cyber capabilities, thanks to Adam miles of the Chertoff group Still to come this hour, the three days in August 50 years ago that changed the world of finance. And commerce with Jeffrey Garden of the Yale School of Management and my exclusive wide ranging interview with Senate Banking Committee Chairman Sherrod Brown on his views of Fed policy, and whether vice chairman Randy Quarrel should step down at the end of his term in October. But first President Trump sues social media firms for keeping him from his audience. Our case Will prove this censorship is unlawful. It's unconstitutional and it's completely un American. That's next. You're listening to balance of power on Bloomberg Radio. This is Bloomberg..
"chertoff group" Discussed on Bloomberg Radio New York
"Vaccines and their possible connection to heart inflammation. Apparently they're more than 1200 cases reported now. Shares in the M RNA vaccine makers are trading lower. On that list. We've got fighter stock is down more than 1% right now, and Moderna shares also being hard hit wt crude oil above 73 the barrel right now. U. S crude supplies down last week for 1/5 straight week. I'm Doug prisoner. And that is your Bloomberg business flesh. You're listening to Bloomberg Business Week with Carol Matter, and Bloomberg Quick takes Tim Stenkovic on Bloomberg Radio. So solar winds. Microsoft exchange email colonial pipeline JBs cyberattacks. They do feel like they're worsening and the frequency is picking up and Tim I recently spoke with Michael Chertoff, chairman and co founder, the Chertoff group, former secretary of Homeland security. I did so from Bloomberg's Qatar economic form, and we talked about a lot, including how companies and governments can protect themselves from cyberattacks. Here's a portion of that conversation. If you go back a number of years, re mainly worried about the issue of theft of money, impersonation of identity theft of intellectual property espionage that still continues. But now we're seeing more and more destructive and destructive attacks, including those that have an effect on critical infrastructure. And are really touching people in their everyday lives. This is clearly increasing as a more serious national security issue. One of the things that you hear about, as you go about work at the Chertoff group, and you work with clients and you're working with governments are working with companies and institutions. What is it that they are also seeing on a regular basis? I think the biggest recent stories ransomware, which is of course, infecting a network with an encryption that locks down all the data, and then saying, if you don't pay me money in Bitcoins, I'm going to throw the key away. You'll never get your data back. And that has the potential to be hugely disruptive. There have been hundreds of attacks on health care institutions and those attacks of ransomware make it impossible to actually carry out necessary medical things. Colonial Pipeline Ninja ransomware attack Brazil unique company company was a ransomware attack. So that is the emerging new threat. But when we continue to see the old fashioned, festive money and identity impersonation as well, You and I and our prep call for this. We're talking about how companies have been very lean and mean cutting costs, you know, just in time, just doing things when they need it. And in many ways, Wall Street has certainly applauded that move, and we've seen that play out in the financial markets. But I do wonder are a lot of companies institutions governments really prepared for maybe the cyber attacks to come. Well, Carrie, you're actually right. For many years. The mantra in the business community was, we needn't mean just in time. Don't have any access capacity that keeps keeps costs down, and it makes us hyper efficient. The flip side of hyper efficiency use your vulnerable. If something happens, and now you don't have a plan B. You know why they don't have an alternative way to carry out your mission Or you don't have an alternative way to store your data. So I do think it's causing businesses and governments to rethink Whether they need to build in a margin of safety and a margin of security against the possibility of some kind of a disaster. And by the way, let me shake a pandemic has been less than the same principle that you've got to have a backup plan because sometimes either mother nature Or criminals. Why didn't interfere with your plan? A. Well, let's talk about who's actually doing the cyber attacks. At this point. We know we saw the summit between President Biden and Putin and, um, you know Biden pretty much laying out that he understands that There are things going on in Russia that possibly likely that the president President Putin is aware of. I mean, that's part of the problem. Governments know there's stuff going on in their countries and their kind of allowing it. Well, some governments are allowing it now, with the Russians regime two types of bad actors dressing the SPR. The Russian intelligence service, which was behind the shoulder winds hack into the supply chain. But we've also seen criminal groups organized criminal groups based in Russia carrying out attacks. In other countries, and essentially, the tacit or even explicit understanding in Russia is if you're a criminal group as long as you carry out your crimes outside of Russia's borders. Russia. The Russian authorities will leave you around, and they do that, because sometimes they go to these very criminal groups and then listen to carry out attacks with a national security element. We sure that, for example in 2000 and seven in Estonia Where criminal groups acting at the behest to Russia attack east Syrian government and the Estonian financial system. So I think President Biden was quite right to be cleared about to Putin. But we know it's not just the intelligence agencies themselves, but it's the fellow travelers are in Russia that are carrying out a lot of these most devastating attacks. And and do you think governments need to be ready to launch? Attack a cyberattack back, basically go on offensive if they are attacked. Well, that raises the critical issue of deterrence and up to you Now we've typically done things like for criminal cases or impose sanctions, which have a certain amount of of deterrent impact, but not really as much as we need given what's going on there, and therefore, I think we need to get to the point. That there is a a cyber response where there is an attack, and that made me disabling the Attackers. Um, sure, servers or otherwise in different where the Attackers conduct of operations and maybe most important Follow the money. If you can get the money back. That is a major blow to the criminal works and one of the great stories out of colonial pipeline in the FBI was able to track Cryptocurrency students that were used to pay the ranch and I'm getting most of that money back. And if we can do that, That's going to be a major dent into being Shan't kids. These groups have Michael. One last question just got under a minute here. Have we seen the worst of it when it comes to cyber attacks, or you kind of getting ready for the big one? I'm afraid we haven't seen the worst times, particularly as tensions heat of geo. Politically, we may actually see attacks that are direct on critical infrastructure. We've seen Russian reconnaissance and our electric grid. They haven't done anything. But of course you have to ask. Why are they looking? And that's why we need to have the capability to make it clear that a response it causes a loss of life were very serious economic damage, where, in our view being the initiation of a hybrid conflict And we will respond forcefully and unequivocally and that was Michael Chertoff, former secretary of Homeland security. Speaking from the guitar economic form, you can sign up to see more from that event. At Bloomberg live dot com, including the full conversation and we're Financial like, Think about that. That would certainly be crippling. All right. You're listening to Bloomberg Business Week. Right now. A check on world the national news over to Nancy Lyon..