Return to Transcripts main page

AT THIS HOUR

CNN: Criminal Group from Russia Likely Behind Pipeline Cyberattack; Sources: White House Finalizing Executive Order on Cyberattacks; Several States No Longer Ordering Full Vaccine Doses as Demand Drops. Aired 11-11:30a ET

Aired May 10, 2021 - 11:00   ET

THIS IS A RUSH TRANSCRIPT. THIS COPY MAY NOT BE IN ITS FINAL FORM AND MAY BE UPDATED.


[11:00:31]

KATE BOLDUAN, CNN ANCHOR: Hello, everyone. I'm Kate Bolduan. Thank you so much for joining us.

AT THIS HOUR, one of the most vital pipelines in the United States is still shut down three days after being hit by one of the worst cyberattacks in U.S. history. A former senior cybersecurity official telling CNN that a Russia criminal group is likely responsible.

And while an investigation is yet, getting underway, the attack really underscores the real vulnerabilities in America's critical infrastructure. The company that was hit is called Colonial Pipeline. The pipeline spans 5,500 miles and carries gasoline, diesel, jet fuel from Texas up the East Coast to New York. It transports nearly half of all fuel consumed on the East Coast.

The timing of the shut down also could not be worse with the summer travel season right around the corner. Analysts are worried that the disruption could result in a spike in gas prices which have already been getting more and more expensive. The national average currently stands at $2.97 a gallon. But as we've seen, many parts of the country prices are higher, much higher in some places.

CNN's Josh Campbell, he's joining me right now with the very latest on the investigation into the cyberattack.

Josh, what do we know right now about who is behind this attack and when the pipeline is going to be back -- back up and running?

JOSH CAMPBELL, CNN SECURITY CORRESPONDENT: Yeah, good morning to you, Kate.

Well, we're told about this group from our sources is that this is it believed to be a Russian criminal group that executed this cyberattack on Colonial Pipeline. And this group as I mentioned, it's called "DarkSide". It's criminal group in Russia, typically targets non- Russian speaking countries.

It's important to note that based on Russia's history, we have seen this symbiotic relationship between the nation's intelligence services and some of these criminal groups which are often used as proxies. We don't know if that is at play here, but it's important not to overlook that history.

We did notice a short time ago, it post that is on a dark website associated with this group out with a statement saying that their intention here was financial not political. Of course, that is what they are saying. That is currently being investigated.

But to talk about what this group is able to accomplish, I want to show that map again this pipeline hit by the cyberattack. Colonial Pipeline spanning from Texas up to New York as you mentioned, as you mentioned, carrying nearly half of the Eastern Seaboard's fuel consumption.

And that just consumers, we're also told that also includes military installations, according to the Defense Logistics Agency. That includes Joint Base Andrew, as well as Joint Base Anacostia Bolling, outside the Washington, D.C. area.

And to describe what happened here, this is being described as a ransomware attack. The easiest way to understand that is essentially when hackers compromise a system and then lock you out of your own data, often demanding a ransom, that you pay in order to get access back to your information but, of course, what is concerning authorities both in law enforcement and the White House is this isn't your run of the mill company. This is not just a pipe that's running up and down the Eastern Seaboard but carrying highly flammable fuel.

So, you can imagine the kind of havoc that hackers can possibly wreak. That caused this company to take that pipeline down on Friday. It remains down. The FBI is investigating and the White House convened an interagency working group to try to deal with the fallout here from what is being described, Kate, as a significant attack on the U.S. energy sector.

BOLDUAN: Yeah. Sure thing.

Josh, thank you very much.

The Biden administration is clearly concerned and tracking this close. The attack led to the White House -- led the White House to form an interagency working group over the weekend to start working on this. The Biden administration is under pressure now to act quickly.

CNN's Jeremy Diamond is joining me now from the White House with more on this angle of it.

Jeremy, we just learned the administration is finalizing an executive order that may get -- may get at some of this. What are you learning?

JEREMY DIAMOND, CNN WHITE HOUSE CORRESPONDENT: Yeah. Well, for months now, the Biden administration has been working on an executive order to try and improve cybersecurity operations of the federal government and its contractors. That came in the wake of that SolarWinds hack which exploited vulnerabilities inside a contractor's software, SolarWinds, and led to vulnerabilities in several agencies giving Russia access to a lot of that data. Now this executive order is currently in draft form, but here's what

we know it would do as it currently stands. It would lay out new parameters for investigations into these cyber breaches. It would create a board to investigate the aftermath of these attacks, new standards for software development and limiting access to these federal systems.

[11:05:00]

It would also require some of the companies to be more transparent.

Now our understanding as of now is that this would apply to federal agencies and contractors for the federal government. So, it's not clear this order would impact colonial pipeline or would have prevented this attack on Colonial Pipeline or would have pointed this attack on Colonial Pipeline had it already been in effect. But there is a hope inside the administration that these kinds of best practices, even if they're only applied to the federal government and contractors, could also lead to changes among private companies as well.

But, of course, there is a major question here as the Biden administration looks into this attack through this interagency working group, not only looking to shore up the vulnerabilities that now exists as it relates to the flow of fuel to the Eastern Seaboard, but also as it relates to the future of these kinds of attacks. And what more the federal government can do given that so much of this country's infrastructure, 85 percent, is in the hands of private companies like colonial pipeline, for example.

BOLDUAN: Jeremy, thank you very much.

Joining me for more on this is Padraic O'Reilly. He is co-founder of CyberSaint Security, which works with pipelines and other critical infrastructure on cybersecurity.

Thank you for joining me.

I want to start with what Josh Campbell just mentioned a short time ago, my colleague. Reports that the hackers, they at least that they are apolitical. The motivation is financial, not political. Do you believe that? And if that is true, does that make the threat any less serious?

PADRAIC O'REILLY, CO-FOUNDER, CYBERSAINT SECURITY: No, the threat is serious. Anytime you have cyber, physical, or IT to OT, it's getting very serious. If it hits our critical supply and our infrastructure, that's a very serious attack.

I don't think really it's important to understand this attack is sophisticated. I think we have to just understand that. And the sophistication we're going to do the forensics and understand who is behind it, but, you know, clearly, you can maybe understand it at this point as a message type attack.

So we have to begin to look at this as, you know, the group that is acting, the threat actor is maybe trying to send a message. We can arrest your critical infrastructure. We can stop operations.

BOLDUAN: Colonial Pipeline so far has said very little about how the attackers got it. is it possible they still don't know? How important are those details?

O'REILLY: Those details are incredibly important. That's why I'm in business. You know, cyber is about information. Cyber is about people.

And you know, one thing that is really coming clear on this attack is that the information is not forthcoming. It's not going to be forthcoming necessarily from the organization hit. It's not going to be forthcoming from the forensics.

And part of what we do is risk management. And you can't do proper risk management unless you have information. The executive order that administration just talked about, they stress that they're going to put more pressure on information sharing which is a great relief to me. And they are also stressing that it's an all hands on deck effort.

You know, professionals in cyber have been struggling for years, understaffed, overworked. And I think the message that is coming out of this and learnings that are coming out of it are very good so far.

BOLDUAN: Interesting. What is your biggest question this morning as we're still, you know, learning more about this attack?

O'REILLY: I think my biggest question is where we're going to go from here. You know, and what are the incentives. We really have to pull the lens back on cyber. And begin to understand why with all the great technology we have, we still have situations like this arising. I think it's time to pull the lens back and start talking about regulation and governance and getting something done, because the tools are out there. We need more people. And we need more resources.

BOLDUAN: One thing is that the company has said that itself shut down the pipeline as a precautionary measure. Could the hackers have gained control of any operational aspect of this pipeline? I mean, could they have turned something on? Shut something off?

O'REILLY: Well, I don't really want to speculate on that. But can they? Certainly. You know, cyber physical attacks of researchers have been looking into them for years. And we saw examples of them several years ago with the energy over in Eastern Europe.

So can they? Likely yes. Have they or will they? It doesn't look like there is any damage to date. So I do hope that this is just preventative shutting down and that there's been no leak from IT over into the OT side.

BOLDUAN: Does this surprise you that main pipeline has not been brought back online at this point?

O'REILLY: No. When you look historically at the down times, they send to be significant with respect to ransomware. I think the average on 2020 is about 90 days or thereabouts.

BOLDUAN: Wow. Can you just broader picture, how vulnerable is this industry and our country's infrastructure in this realm right now.

O'REILLY: Well, our country's energy infrastructure, because it's the more regulated sectors, tends to be pretty aggressive with respect to compliance and, you know, advancing their technological solutions for this.

[11:10:11]

So, I would say we are vulnerable for sure. But the energy sector and the Department of Energy and CISA and the government, you know, are actively working on information sharing, actively working on passing along information on attacks, and we just have to accelerate the process of hardening infrastructure. It just has to happen.

BOLDUAN: So interesting. Thanks for coming on. Really appreciate it.

O'REILLY: My pleasure. Thanks for having me.

BOLDUAN: Coming up, as demand for COVID-19 vaccines is dropping, some states are holding off at this point now on ordering a full supply. One doctor in one of the states struggling the most is going to join us. Is there a solution to this?

And also, the secretary of state of Arizona is now being forced to have new security after getting death threats. The reason, it's even more disturbing since she is only speaking out against lies -- lies about the 2020 election.

(COMMERCIAL BREAK)

[11:15:24]

BOLDUAN: As of this morning, almost 60 percent of all adults in the U.S. have gotten at least one COVID-19 dose. That is according to the CDC. And that is great news.

But the problem more and more is that the rate of vaccinations is slowing dramatically. And according to the White House, several states are now actually turning down their full allocation of doses because of a lack of demand, which is all the more frustrating after a CNN analysis finds how widely accessible vaccines are now. No more traveling hours to get a shot. The majority of Americans are within just five miles of the three available vaccines.

Joining me right now is Elizabeth Cohen for more on this.

Elizabeth, what are you learning about this?

ELIZABETH COHEN, CNN SENIOR MEDICAL CORRESPONDENT: Kate, we at CNN asked Vaccine Finder, which is the folks who power vaccines.gov to do an analysis. They found 80 percent of Americans are within a five mile radius of any of the three vaccines. Not just a vaccine, any of the three. Eighty percent of Americans have a choice.

Now, that is great news. But as you mentioned, vaccinations have been going way down. Let's take a look at a graph and you can see how this white line towards the right of the screen takes a dramatic dip about a month ago. That means that people are not stepping up to get vaccinated the way they once did.

Now that's the bad news. Now let's go back to the good news. Let's look at vaccine availability. Our first map shows vaccine availability in New York City, we picked CNN headquarters in Manhattan. And we found that within minutes, you can walk to any of the three vaccines.

Now, you might expect that in a big city. But let's look at Zebulon, North Carolina. Pfizer and Moderna, within a three-minute drive. Johnson & Johnson, within a five-minute drive, in Zebulon, North Carolina, population under 6,000 people.

Now let's go to Freeport, Kansas, an even smaller place, four people live in Freeport, Kansas. Those four people, all they have to do is drive 20 to 30 minutes to get Johnson & Johnson or Moderna. And in an hour, they can get to the third vaccine, Pfizer.

So the hope is that if Americans can see that they have a choice, that even if they're hesitant, maybe they'll roll up the sleeves because they're empowered with this choice. This choice is theirs to make. But if states keep sending vaccines back to the federal government, that choice may not be there any longer -- Kate.

BOLDUAN: Yeah. It's one part of that equation to tackle hesitancy.

Very interesting Elizabeth. Thanks so much.

COHEN: Thanks.

BOLDUAN: So, Alabama is one of those states that is facing an uphill battle to get people vaccinated. As of now, the state ranks second to last among the states for the total percent of the population vaccinated. That's according to the CDC, and only about 25 percent of their population is fully vaccinated. Just two-thirds of the vaccine doses that have been delivered to the state have actually been administered.

To help, Alabama is turning to one of the states most influential leaders. According to "The Wall Street Journal", University of Alabama football coach Nick Saban is stepping up once again. He's going to be featured in PSA this week to encourage folks in the state to get the vaccine.

It is not the first time that he's jumping into help. He was in, remember, forever ago when we played this on air. He was in a PSA earlier in the pandemic encouraging masks and social distancing. He's mighty fine acting abilities as we now see.

Joining me right now for more on what is happening on the ground is Dr. John Waits. He's CEO of Cahaba Medical Care. It's a non-profit community health care provider with I believe 17 sites in Central Alabama.

Doctor, thank you for coming in. We'll get to Nick Saban in just a second. But we've -- I've seen that

you say we've vaccinated that desperate. We've vaccinated the willing, and now, here we are, which is -- which is where? What are your patients telling you?

DR. JOHN WAITS, CEO, CAHABA MEDICAL CARE: Well, Alabama typically lags about 10 percent to 15 percent behind other states in the country. So we have higher percentage of patients that are just nervous about vaccines in general. So, really this is a public health crisis. But my specialty is in primary care and family medicine. And so we just have to keep talking to our patients one by one about this decision that some of them now are nervous about.

BOLDUAN: How much has demand dropped?

WAITS: It dropped significantly. People who wanted the vaccine have gotten vaccinated. It's not -- as you said earlier in the segment, it's not an access issue anymore.

[11:20:04]

Now, it's a personal health decision for people that have some degree of nervousness. We see this with mammograms and with colonoscopies, just general health conditions.

I understand the stress. I feel it has a doctor on the front lines in the hospital, through the COVID-19 pandemic this past winter.

It's very disheartening to see people not as you say step up and get the vaccine. But we can't focus on that problem. We're focusing one by one counseling and educating our patients.

BOLDUAN: I was also, I have to say, shocked to see at a couple clinics you said the vaccination rate among staff is stuck at only 40 percent. What is going on there? What are the conversations that you have with your patients but with your staff?

WAITS: Well, it's interesting. We have 17 clinics. And our physician vaccination rate is 100 percent. Our other 15 clinics through town halls and fireside chats and ask me the hard questions on Zoom, we have most of our clinics have 80 percent, 90 percent vaccination rates.

And, too, there are social networks that people are in where, you know, a little bit of conversation and a little bit of nervousness, a little bit of doubt and you have people hesitant. I think we're seeing that played out nationwide unfortunately.

BOLDUAN: Yeah.

You told -- so we have Nick Saban who's going to try to help you out. But you also told "Time" magazine that you actually prayed that Donald Trump would have gotten his shot on Facebook live to help with hesitancy.

Do you think that would have helped, Doctor? Is that where you're seeing the divide breaking down?

WAITS: I do think there is -- we have seen masks being politicized and normal public health structure. When I do a C-Section, I wear a mask because I know it works and that's become a politicized -- so many things about this pandemic have been politicized.

And I see it divided loosely. It's not a linear correlation. But there is some degree of political divide over the vaccine. So, I do think it was a successful part of the Trump administration, Operation Warp Speed, that Biden has taken the baton and run with and ramped it up. And it really would be nice to see -- to see leaders on both sides have just a quality charitable conversation about that. So, something that's so necessary for public health.

BOLDUAN: Quality charitable conversation. We need so much more of that. It's so hard to come by.

Doctor, thank you so much for your time. Thanks for what you're doing. Really appreciate it.

WAITS: Thank you so much.

BOLDUAN: Coming up for us, it's being described as an insult to democracy. An audit of the 2020 election results in Arizona that has been controversial from the start. It is now reaching the level, a new level of absurdity. It's now leading to death threats. We'll be right back.

(COMMERCIAL BREAK)

[11:27:58]

BOLDUAN: Arizona secretary of state has been forced to beef up her security after receiving death threats. This all has to do with her criticism of the election audit going on right now in her state in Arizona, an election audit that has really reached new levels of absurdity.

Arizona Republicans forced the audit in an effort to support the big lie that Donald Trump only lost because of widespread fraud. We know that is not true. We know what truth is here, and what fact is here.

So, this is being done, this audit, by a private and unregulated company, a company run by someone who has pushed conspiracy theories about the 2020 election in the very recent past.

A piece in "The Daily Beast" sums it up all. Arizona Cyber Ninjas usher in new era of insane ballot attacks.

Joining me right now is the author of that piece, Jessica Huseman. She is also the editorial director of VoteBeat, a nonpartisan newsroom that covers elections.

Thank you, Jennifer for being here.

So, there's been a lot said about this audit. But I think you lay out most importantly one aspect that kind of gets people in the right mind frame here which is never before has an election audit been conducted in this way.

Can you lay out how this is so off the rails, some examples?

JESSICA HUSEMAN, EDITORIAL DIRECTOR, VOTEBEAT: This is truly unprecedented. You know, there are very strict standards for how ballots are audited and stored and treated after ballots are cast. And the people who do the audits are generally either state employees themselves or they're accredited laboratory election systems or they're certified public accounting firms who are very well-trained.

And auditing an organization Cyber Ninjas has none of those qualifications and, in fact, only released 18 pages of thoughts about how this audit would go down. And if you've ever done an audit of 2.1 million pieces of paper, you know that 18 pages of instructions on exactly how each of those pieces of paper are going to be treated cannot be contained.