>> joining us now for a conversation i cybersecurity from the national security institute at george mason law school and also working on cybersecurity and the ransomware attacks why does it seem like we hear about these every day? are they more prevalent or just higher profile companies? >> it is a little bit of those. ransomware is easier to use with the development with the idea all capabilities you just have to plug in your target

and pay a fee and then it does the work for you. you collect some ransom and then pay that off. so it's easier to do. second it's like criminals are bank robbers but in this case going after those targets i need to stay up and running and then there is a lie the pressure to pay the ransom and move forward we saw that with colonial pipeline and a similar situation but we do know they could get up and running pretty quickly. >> and then the service providers why can't they track down those people? >> it's a great question. using the anonymity techniques even of that coin wallet all the fbi sees back to last few days could take that that coin

transaction they trace that transaction through the block chain that they got the private key to access the wallet. how do they do that? did they take it? what do they do to get the key? it is a lot of criminal hackers in places like russia and china someone russia there is not a lot of hacking that's going on and often times these hackers are in the daytime than they make a little money on the side. >> give a brief history of the ransomware. >> it's been around a long

time we have seen but often times the viruses were out of the and target to change behavior. now this is a way that is impossible to unlock so the biggest example of ransomware but it wasn't that it was a russian attack the way in to deploy to delete and destroy systems in ukraine they were very successful but more successful because that malware cost $10 billion globally and a very small

version of ukraine. >> we hear so often us cyberwarfare capabilities and that budget spending. why can't we unleash those capabilities? or are we doing that? >> suggests the past week me will treat it like a terrorist after 9/11 so with the cyberof offensive weapons if it does with those capabilities over those nationstates sponsors

what does that involves? there's a lot of questions but what is clear is you have to have better defenses companies have to work with one another we cannot expect russia china iran and north korea when it comes to cybersecurity and these criminal hacker games but then to adopt last year. >> the topic cybersecurity ransomware to join the conversation you can do so. >> looking at your work at george mason university and

your expertise? >> working on capitol hill as a young staffer doing it work into the policy realm and i came back i had a chance to work in the bush administration and the justice department and i worked on arranges cyberintelligence matters and then he went back to private practice for a couple of years and then we drafted the first cyberinformation sharing bill and in 2015 then have that opportunity the last six years the former director the commander of us cybercommand.

>> the nine your house staffer have. how should capitol hill about this ransomware attack that they used to communicate with voters. >> that's an important issue because members of congress have to represent their constituents so that attack on that system makes it harder to do their job. this is just one example so to bring home the members of congress day in and day out the public school districts and then we started the colonial pipeline and then the meatpacking company but is not just ransomware it's criminal hackers getting more aggressive nations are getting more aggressive. the defenses are not as good as they need to be.

working on industry and when president biden goes to meet with president putin he has to say we will not take this from your government or your country anymore you will pay us. >> fort washington maryland democrat. >>caller: good morning. do you think there is real push agency for schools where they really push cybersecurity for students to learn to get a hold of the cyberthreats? >> and national science

foundation as a number of initiatives to improve cybersecurity around the country. and with the federal grant dollars. with the department of homeland security. but there isn't enough about what we need to do so that goes beyond that nasa not to get your cyberhygiene but also be prepared for these attackers even if you are the target. >> and i want you to miss an opportunity from the george mason law school.

>> founded four years ago we liked at that think tanks space and then we realized there really wasn't a think tank that looked at the bipartisan group of experts to get members of congress and their staff with those actual recommendations we been doing it for about four years and wendy robinson and those from the national security institute. >> going to arlington good morning. >> can you hear me. >> my comment is from the geopolitical perspective want the audience and your guest to

talk about the idea of hacking that if someone hacks our infrastructure to create cybernetworks but in reality that could be a geopolitical purpose to say we don't want america to work with country xyz. so coming up with a lot of energy that this happened from russia i would like your guest to talk to that idea it seems to come from russia and i don't wean just big countries like china and then to

influence so if you could speak to that. >> that's a great point we see cyberattacks and hacks this element of national power that's right to point out russia china is the biggest player and what you might see what the chinese are the iranians what is interesting about that type of effort it is hard and then to say we have done the work we have figured out it is the russians. so you can take it to the bank

that being said be on the alert and the agenda looking at the a geopolitical implications. >> covington louisiana. good morning. >> i will show my lack of knowledge i am just wondering whether or not there could be any connection cybersecurity and ran some attack with the voting machine that affect tax were done and it affected them? >> that's an interesting question but the hard thing to figure out did something happen during the election and if so, what we know the

iranians were actively involved in looking at ways to manipulate body politics to modify the narrative on both sides of the issue we know those we saw activity like that in 2020 but you are right to ask the question are people who have the skill set go after those like the voting machine we know is that have advanced capabilities so what would the cost be to them so

now we want to draw on your experience on internet security so take us through the pace and when does the company find out they were part of a ransomware attack and what do they do when they find out how do you resolve that? >> and then to try to stop them before they happen and that the entire ecosystem everybody is well protected working for behavioral anomalies and then to stop them before it causes the ransomware attack. we are very committed hunters

to say where are these people? let's at the ransomware keep it isolated and we have a lot of partners and industry we work with microsoft and the like and those customers as well. and they are will protected. one company could be taken down not just from the attack on them but on one of their suppliers. and then they attack solarwinds to get into the us government and that is what

the concept is all about. and that the members of congress mike gallagher angus king that actually wrote in the report last year we need a paradigm shift. host: he came on this program last year to talk about those issues and then you mention the colonial attack yesterday on capitol hill a very high profile ceo of colonial talking about the attack and the response. here's a little bit of what he had to say. >> and in exchange for the key to unlock those systems we had defenses in place but the unfortunate reality is those were compromise. and then to make difficult

choices that no company ever wants to face the then to isolate and contain the attack to back up and running safely and with the same law enforcement and federal authorities including the white house we reach out to federal authorities within hours of the attack and they continue to work to be safely restoring operations. thank you to the department of justice and fbi for the progress and say earlier this week also thank you to the colonial pipeline and american people as we responded to the attack and up with a disruption that it cause. we are deeply sorry for the impact this attack had. we are also hardened by the

resilience of our country and our company. and then i address the nearly way that i know how, directly and honestly. but the ransom payment i made the decision to pay and keep the information as confidential as possible. that was the hardest decision i have made in my 39 years in the energy industry and i know how critical the pipeline is for the country and i put the interest of the country first. i keep the information closely held because we were concerned about operational safety and security to stay focused to get the pipeline back up and running. i believe with all my heart it was the right choice to make. >> to watch the entire hearing you can do so on our website at c-span.org. but the critiques of that

response? >> i actually think he said what he had to say. he was very plain spoken in clear and direct about his position. those companies in a tough situation we don't defend as well as we could then they share real-time with industry the way it should and then industry doesn't share what it needs to what the government to help them understand the threats. and then in cyberspace. that being said let's ask ourselves everybody's worried about long-term supply chain disruption viewers don't do that. but then taking it back up

beyond the isolated incidents the company made a smart decision in one of the ways was 75 that claim roughly and with that payment and with the last 48 hours now bitcoin has dropped in value significantly that that two.3 million they recovered that's a big win no major just bought one —-dash supply disruption to the country if that was down to

her three weeks then the account would have been a lot more than that that going case. that with that criminal gang in the nation. >> so bitcoin and ransomware is cybercurrency helping? >> something that could be at the heart of the problem so what's interesting about that claim yes you don't know who only owned the wallet you can follow the money you can follow the block chain ledger that's how the fbi could trace

it know how do you get access to that money? that the fbi got the key that's an interesting question how they got that key they went to a federal court got to - - to get the order in sees the money. >>caller: we will find out if the government has responded to cyberattacks through the newspaper. host: you asking for a full report somewhere. >> when we respond. and then responding. >> but that was just a

different domain of warfare but i think that determines in cyberspace that part of that goes to deter someone and then to do that stuff and to say what the redlines are see have to tell them the redlines and the capability to respond and what that will look like here's i will do to you if you do x and why to me most importantly when that bad thing happens in across the line you have to respond and engage that and engage the deterrent. in my view it is the unanimous you that is best in public but

all the other people with cyberspace and elsewhere they will come back harder and you will experience a lot of pain.