Tuesday, January 18, 2022

Gee, thanks Vlad! You’re such a swell guy…


Mariam Baksh of NextGov published – as usual – a very interesting article on Jan. 16, which begins with this paragraph:

A senior administration official put questionable timing aside and commended the Kremlin’s arrest Friday of individuals Russian officials say comprise the notorious REvil ransomware group, which U.S. officials have attributed to attacks on critical infrastructure.  

“Questionable timing” indeed! Putin is poised with a knife to the Ukraine’s throat and threatening to send troops to Venezuela and Cuba to threaten the US – so of course this is a great time to thank him for his noble efforts against REvil.

Let me suggest that the real question is this: Seven months ago, Biden - after the Kaseya attacks, which were instigated by REvil) – said (quoting from WaPo) “Putin must put an immediate stop to this activity, or Biden’s administration will take ‘any necessary action’ to stop it.” Why is the administration now taking credit for the fact that Putin finally acted, when Putin’s people certainly knew all along who needed to be arrested (because the Russian intelligence services collaborate with those people all the time, and the US intelligence services had given them a list of names)?

And why, after calling for an immediate stop to “this activity” (which, in case you hadn’t noticed, didn’t bring Russian ransomware activity to a hard stop last July), didn’t Biden keep the pressure on Putin all this time? And given that Putin obviously didn’t pay any attention at all to Biden’s order last July, why doesn’t this “senior administration official” even think, “Hey, the fact that he’s finally arresting the REvil guys now is probably not because he’s been listening to us. It’s because he wants to look as good as he can in other areas, while he’s issuing a new ultimatum to Biden to abandon the Ukraine to him”?

Perhaps the senior official is Secretary of State Blinken, who in September asserted that “no one in the U.S. government expected the Afghan government to fall as quickly as it did.” Of course, there was no way the administration could possibly have known that the Taliban wouldn’t keep their promise of a cease-fire. After all, the Taliban are honorable men. Why Blinken wasn’t fired after that debacle would be a mystery to me, were it not clear that there are lots of others in the administration who also think their job is to claim credit for successes, rather than actually be successful.

Of course, the senior administration official’s comments really aren’t about Putin at all. They’re a vain attempt to at least get some good news out about the administration, since lately all the news has been bad. But frankly, the fact that this clown – whoever he or she is – is trying to turn the fact that Putin completely stiffed Biden for seven months and is now doing what Biden ordered only because he’s trying to divert attention from a much bigger transgression he wants to commit, only shows how weak and clueless they are. And unfortunately, that’s not news.

A much better thing to say – and not through an anonymous spokesperson – would have been “We wish to ‘congratulate’ Mr. Putin on finally taking an itty bitty step to combat one of the many evils Russia has inflicted on the world in recent years. Now here are some more steps Mr. Putin must take, and the consequences that will follow if he doesn’t (BTW, this time we mean it about the consequences):

1.      Adequately compensate the families of victims and governments for their losses in the shooting down of flight MH17 in 2014 or face a ban on all Russian aircraft in international airspace.

2.      Compensate Maersk and the other companies worldwide that lost an estimated $10 billion in the NotPetya attack, or risk being cut off from the SWIFT international funds transfer system.

3.      Compensate the victims (especially government agencies) of the SolarWinds and Kaseya attacks and arrest the perpetrators of both of these (who are either Russian government employees or well known to them) or face an order to US financial institutions and citizens to divest themselves of their Russian bonds and not own them in the future.

And speaking of Russian attacks, here’s another idea: Why don’t we investigate the assertions made by the CIA and FBI in the last “annual” Worldwide Threat Assessment in 2019, to the effect that the Russians had penetrated the US power grid and could cause outages at any time? There’s never even been an investigation of those statements. And there haven’t been any more WTAs since that one.

I guess that’s one way to solve the problem of bad press.

Any opinions expressed in this blog post are strictly mine and are not necessarily shared by any of the clients of Tom Alrich LLC. Nor are they necessarily shared by CISA’s Software Component Transparency Initiative, for which I volunteer as co-leader of the Energy SBOM Proof of Concept. If you would like to comment on what you have read here, I would love to hear from you. Please email me at tom@tomalrich.com.

 

2 comments:

  1. There are still WTA's produced annually by the Director of National Intelligence (DNI).

    https://www.dni.gov/index.php/newsroom/reports-publications/reports-publications-2021/item/2204-2021-annual-threat-assessment-of-the-u-s-intelligence-community

    ReplyDelete
  2. Actually, no WTAs have been produced since the 2019 one. They previously came out annually in early January, and they were skipped under the Trump administration in 2020 and 2021. Last year, the incoming Biden administration put out a new report in April called the Annual Threat Assessment, which you link in your comment. This document doesn't make any specific mention of the Russians implanting malware in the US grid, as the 2019 report did.

    The fact is that the statements by the FBI and CIA in the 2019 report have never been investigated, unless this was done without any notice to the utilities, whether classified or otherwise. Of course, the whole point of investigating the reports would be to find the malware, so the utilities can eradicate it. Why this was never done wasn't a mystery under the Trump administration, since they didn't want to hear bad thingsa about Russia.

    It's a mystery that the Biden administration has never looked into this, although it would certainly not be too late for them to do it now.

    ReplyDelete