Return to Transcripts main page
Inside Politics
Authorization Of Pfizer Vaccine For Ages 12-15 Expected This Week; White House Briefing As U.S. Deals With Major Pipeline Cyberattack. Aired 12:30-1p ET
Aired May 10, 2021 - 12:30 ET
THIS IS A RUSH TRANSCRIPT. THIS COPY MAY NOT BE IN ITS FINAL FORM AND MAY BE UPDATED.
[12:30:00]
JOHN KING, CNN HOST: That would mean 85 percent of all Americans would be eligible for vaccine at that point. 16.7 million Americans in the age group 12 to 15. How important is it to get to move down if you go all the way down to 12 years old middle school, middle school students and get them in line for shots.
DR. MICHAEL SMITH, INVESTIGATOR, PFIZER ADULT AND PEDIATRIC VACCINE TRIALS: I think it's critical, and for a couple of reasons. So first of all, you mentioned this notion of herd immunity that you really want to get as many people vaccinated as possible to protect our whole population. But the other thing is, it's important to protect these kids. So I'm thrilled as a father and as a pediatrician that kids tend to not get as sick with COVID as adults do.
But they certainly have been impacted. Some of them do end up getting the hospital. Some of them do end up dying, not as much as on the adult side. Some of them do go ahead to get long COVID. And certainly all of our children are missing out on important opportunities to interact with their peers in person. So for multiple reasons, it's critical to get this vaccine out there.
KING: You mentioned kids tend to fare better. But let's look at the numbers here, 3.8 million total cases, COVID cases involving children 14 percent, just shy of that 13.8 percent of all cases. But in the late April, you see the 71,649 cases up 4 percent right there. When you're talking to people who have maybe questions, are the vaccines safe? Or kids do fare better? Does my kid actually need it? How do you address that?
SMITH: Yes, I think we frame it as a couple things. So first of all, empower the child to help make that decision. We're talking about 12 to 15-year-old teenagers who have -- who get a say in their own medical care. And, you know, you think from the child's perspective, they haven't really had any control on the pandemic. So that's part of it, kind of empowering children to, you know, to make that change in these teenagers and adolescents.
So I think that's one way to talk about it. And the second thing is, you know, it's part of kind of civic duty helping us open back up society for everybody. KING: Let me ask you, this is a little bit off the vaccine track, but Dr. Fauci was out this weekend. We're all going through, you know, where are we? I have two of my friends at the table today. We're all vaccinated. It changes your life. As those numbers go up, Dr. Fauci says, guess what, it's time to start thinking about indoor mask mandates. Listen.
(BEGIN VIDEO CLIP)
DR. ANTHONY FAUCI, CHIEF MEDICAL ADVISER TO PRESIDENT BIDEN: The CDC will be, you know, almost in real time, George, updating their recommendations and their guidelines. But yes, we do need to start being more liberal as we get more people vaccinated. We're averaging about 43,000 a day. We've got to get it much, much lower than that. When that gets lower the risk of any infection, indoor or outdoor diminishes dramatically.
(END VIDEO CLIP)
KING: Do you believe we're close to that point where something that's been with us for quite some time indoor masks can go away?
SMITH: I think we're at the cusp of that. And again, once we have this vaccine rolled out to 12 to 15 rolls, if there's the uptake that we need, and I heard in the prior segment talking about getting this vaccines out there is one thing, getting education out there, making sure people understand how safe this is, and particularly getting this vaccine into the places that really need them.
So, you know, for these kids, meeting them where they are going, meeting them at schools, meeting with their pediatrician's office, and getting them into the neighborhoods, you know, who have poor access to health care. I think if we can do all those things, you know, we're pretty close to getting to that point.
KING: Dr. Michael Smith, grateful for your time and your insights today, Sir, thank you very much.
SMITH: Thank you.
KING: My pleasure.
[12:33:18]
Up next for us, Mitch McConnell rates his game.
(COMMERCIAL BREAK)
KING: Live pictures at the White House briefing room, we can show you, we're going to take you there any second now. National Security Adviser, Homeland Security adviser coming up. There's Jen Psaki, the Press Secretary, introducing the must listen.
JEN PSAKI, WHITE HOUSE PRESS SECRETARY: By Homeland Security Advisor and Deputy National Security Adviser Dr. Liz Sherwood-Randall and Deputy National Security Adviser for Cyber and Emerging Technologies, Anne Neuberger. I know you all know who they are, so I'm going to skip the introductions. So we have more time for questions. We have very limited time, but we'll try to take as many as possible. So with that, I'll turn it over to Liz.
ELIZABETH SHERWOOD-RANDALL, WH HOMELAND SECURITY ADVISER: It's great to be with you today. Thank you, Jen. I have an update for you on the Colonial Pipeline and what the Biden administration is doing to provide assistance through a whole of government effort.
On Friday evening, May 7th, colonial pipeline reported that its pipeline system had been subject to a ransomware cyber attack. Colonial chose to shut down its pipeline operations as a precautionary measure and to ensure that the ransomware could not migrate from business computer systems to those that control and operate the pipeline.
We've been in ongoing contact with Colonial and the President continues to be regularly briefed on the incident and our work. Colonial is currently working with its private cybersecurity consultants to assess potential damage and to determine when it is safe to bring the pipeline back online.
Thus far, Colonial has told us that it has not suffered damage and can be brought back online relatively quickly. But that safety is a priority given that it is never before taken the entire pipeline down.
Beginning on Friday night soon after we learned of the shutdown, the White House convened an interagency team that included the Department of Energy which is the lead agency for incident response in this case, the Department of Homeland Security, Cybersecurity and Infrastructure Security Agency or CISA, the FBI, the Department of Transportation, the Pipeline Safety and Hazardous Materials Safety Administration, the Department of the Treasury, the Department of Defense, and other agencies.
To give you a sense of what we've been doing together since that first meeting. We have met throughout the weekend. The Department of Energy's Information -- Energy Information Agency or EIA is in contact with state and local agencies to assess current supply and impacts due to the shutdown.
[12:40:14]
DOE has also convened the oil and natural gas and electric sector utility partners to share details about the ransomware attack and discuss recommended measures to mitigate further incidents across the industry. DHS's CISA is preparing a release to go to the broader critical infrastructure community to ensure it has visibility into the ransomware attack. And it's taking appropriate measures to protect its networks.
Colonial is responsible for safely returning the pipeline to service and our role in the federal government is to take proactive steps to analyze the impacts of the shutdown on the delivery of gasoline, diesel, and aviation fuel in states that are dependent on the pipeline, and to identify federal options for alleviating supply shortfalls should they develop.
For example, to help address potential supply disruptions, the Department of Transportation issued an hours of service waiver yesterday, which provides greater flexibility to drivers transporting gasoline, diesel, jet fuel, and other refined petroleum products across 17 states as well as the District of Columbia.
Right now, there is not a supply shortage. We are preparing for multiple possible contingencies because that's our job, especially on the homeland security team. And considering what additional steps may be useful to mitigate any potential disruptions to supply.
This weekend's events put the spotlight on the fact that our nation's critical infrastructure is largely owned and operated by private sector companies. When those companies are attacked, they serve as the first line of defense, and we depend on the effectiveness of their defenses.
To improve the cybersecurity of our critical infrastructure, the Biden administration has already launched a high priority initiative to collaborate with our private sector partners to harden our defenses and to build our nation's resilience. And that is a perfect segue to my colleague Anne Neuberger, our Deputy National Security Adviser for Cyber and Emerging Technologies. Thanks.
ANNE NEUBERGER, DEPUTY NATIONAL SECURITY ADVISER FOR CYBER & EMERGING TECHNOLOGIES: Thank you, Liz. Good morning, everyone.
So building on Liz's comments, as you knew, on Friday, Colonial shut proactively its pipeline operations as a precautionary measure to ensure ransomware would not spread to its sensitive operational networks. In response, we're taking a multipronged and whole of government response to this incident and to ransomware overall.
First, we're actively engaged with the company and offered support as needed to restore their systems. Right now, they've not asked for cyber support for the federal government, but we remain available to meet their cybersecurity needs.
Second, we're aggressively investigating the incident and its culprits. As part of their work today, FBI released a flash alert with indicators of compromise and mitigation measures, once infected. The FBI identified the ransomware as the DarkSide variant, which they've been investigating since October of last year. It's a ransomware as a service variant, where criminal affiliates conduct attacks, and then share the proceeds with the ransomware developers.
We recommend all critical infrastructure owners and operators use the indicators that came out in the FBI flash to protect themselves. And if other entities are infected, please notify the FBI. Third, the government is convening stakeholders more broadly, to ensure everybody has the information needed to protect themselves and to rapidly share information.
This morning, the Department of Energy convened calls with the electricity and oil and gas sectors to keep them informed. The Department of Energy, Transportation, and DHS, and others will be sharing further indicators of compromise with the sector Information Sharing and Analysis Centers, or ISACs.
And the Department of Energy will be holding additional calls with critical infrastructure stone -- sector owners, as well as state and local leaders to ensure everyone has the latest information about how to protect themselves.
Fourth, we're taking the threats posed by ransomware seriously, with several initiatives. First, we'll focus on industrial control systems. Critical infrastructure, as Liz noted, in the United States is largely owned and operated by the private sector, which determines their cybersecurity protections are applied to their systems.
Under that context, in mid-April, the administration launched a new public private initiative to enhance the security of critical infrastructure systems and improve visibility across their operational control systems, the systems on which all Americans depend.
[12:45:01]
The Department of Energy had to lead for the first 100 days sprint focused on the utility sector and we will follow with follow on sprints with natural gas pipelines, water, and other sectors. The administration encourages all private sector owners of critical infrastructure to focus on improving cybersecurity and the government remains open and willing as a partner to support those efforts.
Second, in tackling ransomware, we're working to disrupt ransomware infrastructure. The FBI recently worked with international partners to disrupt two particular strains of ransomware, the Emotet and Netwalker strains. More recently, DOJ has established a ransomware task force to ensure it can better investigate and prosecute ransomware actors.
Third, CISA is leading a counter ransomware sprint, which is focused on helping small and medium sized companies who are often the targets of ransomware better protect themselves.
Finally, we're pursuing greater international cooperation. Ransomware affects countries around the world to address ransomware because transnational criminals are most often the perpetrators of these crimes, and they often leverage global infrastructure and global money laundering networks.
Indeed, to combat the exploitation of virtual currencies that are often used for payments in ransomware, the U.S. Treasury has also been leading international efforts, including driving development and adoption of virtual assets standards under the Financial Action Task Force.
With those updates, I welcome your questions. I'm turning it over to Jen and Liz, thank you for your time today.
UNIDENTIFIED FEMALE: OK, Amar (ph) kick us off.
UNIDENTIFIED MALE: Thanks. But just to sort of clarify something, has Colonial paid any ransom and is there any advice on that? And then, secondly, is there any timeline for when Americans should be certain that this is going to be taken care of people getting ready Memorial Day is not that far away and we're -- everyone's concerned about the gas prices? What's the timeline when this thing is completely under control?
NEUBERGER: Absolutely. I'll speak to the first and then I'll turn it to my colleague Liz for the second. So first, we recognize that victims of cyber attacks often face a very difficult situation. And they have to just balance often the cost benefit when they have no choice with regard to paying a ransom.
Colonial is a private company and we'll defer information regarding their decision on paying a ransom to them.
UNIDENTIFIED MALE: Did you and what the administration offer any advice on whether or not to pay a ransom?
NEUBERGER: So typically, that is a private sector decision. And the administration has not offered further advice at this time. Given the rise in ransomware, that is one area we're definitely looking at now to say what should be the government's approach to ransomware actors and ransoms overall. Liz?
SHERWOOD-RANDALL: So on the issue of gas prices, as I indicated right now, there are no supply disruptions. And the Department of Energy's Information Agency, the EIA, is doing the analysis right now about potential supply disruptions and what price effects that could have. And we're working with other agencies to consider how if necessary, we can move supplies to a place where it might be needed if it turns out that there is a shortfall.
UNIDENTIFIED FEMALE: Andy (ph)?
UNIDENTIFIED FEMALE: Thank you. My Question is just a follow up on what Amar (ph) was asking. Has the White House broadly considered advice for the companies who are victimized by, you know, in such incidents going forward? Is there any advice that you're considering when it comes to paying ransom in the future?
NEUBERGER: So that's a really good question. The first and most important advice is secure your systems. In this case, the ransomware that was used is a known variant. The FBI has investigated many cases of this in the past, as I noted, beginning in October.
So the first and most important thing is to ensure that systems are patched and that cybersecurity is maintained at the level needed in a given network. We want to see ransomware not be successful, and that begins with greater resilience, particularly in critical infrastructure networks.
UNIDENTIFIED FEMALE: And another question, you mentioned perpetrators are usually transnational criminals. Do you have any information on whether this particular incident has any ties to Russia or other Eastern European criminals? NEUBERGER: At this time, we assess the DarkSide is a criminal actor, but that's certainly something that our intelligence community is looking into.
KING: We're listening to a White House briefing here, Homeland Security experts talking about a brazen cyber attack against the Colonial Pipeline. It stretches from Houston up to New York Harbor, supply some 100 million gallons of gasoline fuel every day, every day. And it's been shut down at least through the week, the company says, because of this brazen cyber attack.
Let's bring in our CNN national security analyst, the former assistant Homeland Security secretary, Juliette Kayyem, our chief White House correspondent Kaitlan Collins also with us. Juliette, let me start with you. The officials explaining what happened here. It's a private company so they say it's not the White House job to say to Colonial, yes or no on the question of will you pay the ransom here.
[12:50:08]
From what you heard, number one, they said this was a known variant, essentially telling companies out there, get your act together when it comes to cybersecurity, what else jumped out to you?
JULIETTE KAYYEM, CNN NATIONAL SECURITY ANALYST: A couple things. And first, I have to say Anne and Liz have been in this game a long time. Liz Sherwood-Randall had been Deputy Secretary of Energy, she knows how this works, which is essentially some gems in there.
First of all, it is clear, the White House is not pleased that Colonial got hacked. This was a known threat these companies, we are completely dependent on these companies getting their act together on cybersecurity. This was not something new or unique. And so there was this not so subtle digs at the company that the United States is willing to help. But it's clear that company has not gone to it.
And then Liz Sherwood-Randall made it clear that the federal government's role right now is twofold. So one is consequence management, and that is just key right now, because of the way critical infrastructure is owned, we are dependent on the private sector. So what the Department of Energy is doing now is essentially figuring out what our capacity is, what pricing may be, and then what redundancies or what diversions can be made to our critical infrastructure to fill any gaps that may occur.
Now, we're not there yet, we probably have a couple days. And so Colonial is just making sure the system, the cyber system is pristine. The second is also a warning or at least a, you know, sort of a lesson from Anne which is somewhere is a big deal. And so smaller companies, larger companies need to take it seriously. They were agnostic about whether these companies should pay. I don't think we have much transparency on what companies have been willing to do.
But they use this as a sort of teachable moment, which is we don't know the extent to which other companies have already paid and not told the federal government or are about to be hacked. And so they use this as an opportunity to get, you know, get your act together, know what to do, know what is vulnerable, and if you haven't yet, hurry up, because we don't know if we're if we're starting a wave of this.
So lots of good takeaways, and I thought, you know, there's not much the federal government can do right now, except for just, you know, manage our energy systems in a way that doesn't impact the American public and then get Colonial to essentially purge the hack out of it system and get back online as soon as possible.
KING: And Kaitlan, incredibly clear, just from the beginning of that briefing, just how serious this is in the sense that the Department of Energy, Homeland Security, the FBI, Department of Transportation, the Treasury Department, the Defense Department, and other agencies. So you're across the cabinet here, with officials working throughout the weekend to try to figure out, A, what happened, the FBI says it was this group that operates out of Russia called the DarkSide. And then you have legal challenges. You have investigated challenges.
And you have you, could hear the questions there on the political challenge, and Juliette was just talking about it, 100 million gallons of supplies coming up every day, as we approach the Memorial Day weekend, the administration also trying to figure out if this has shut down for a week, can we handle it? Can we move supplies around to keep prices from going up?
KAITLAN COLLINS, CNN CHIEF WHITE HOUSE CORRESPONDENT: Right, they said so far, there are no supplies shortages, but they are preparing for that possibility, a contingency plan essentially, to be prepared in case that does happen, because this is one of the biggest pipelines here, certainly on the east coast. And so I think that's really what you've seen.
This is an effort of what's happened throughout the weekend, where they did have these emergency weekends, emergency meetings all weekend long here at the White House with all of those agencies notable that also, the DoD, Department of Defense is also involved in the response to this.
And so they said there are no supply shortages yet. They said Colonial Pipeline has told the federal government that they do not believe there was, that they suffered any damage from this attack. And they think that they can get the pipeline back up pretty quickly.
But they said they've never shut the entire thing down before. So they are taking it step by step and making that approach. And we heard similar comments from Colonial Pipeline earlier. And of course, all of this comes after the FBI did can confirm it was this DarkSide group that was behind this. And I think that's going to be another aspect of what is the administration's response to this going to be, because when you question, you know, who is carrying this out, what act -- what bad actors are carrying out these attacks. It also leads to which nations are harboring the groups that do this work.
And so I do think it was notable that there, Anne Neuberger, the Deputy National Security Adviser on Cyber would not answer whether or not Colonial has paid a ransom here. This is often something that you see private companies take that strategy, because it's just easier to pay it and get back online. We've seen that when they've attacked other systems before. And so she would not answer that question, which kind of seemed to be an answer in and of itself. But we have not heard from Colonial on what route they decided to take care of either.
KING: Juliette, quickly, we're short on time. But what can the government do, this is a criminal element operating in this case out of Russia DarkSide, where's the line for what the government can do to try to attack the attacker, if you will?
[12:55:01]
KAYYEM: Well, they did the first thing which is their naming it. Attribution is key at this stage, name the company and then it goes from there. The investigation will take us either to a state sponsorship, or at least state acquiescence. And then there's both covert and overt tools that can be used. The overt ones are ones that we've been using sanctions, attribution, and other issues.
And then of course, a covert campaign, because ransomware often has state sponsorship. This is not a bunch of guys in a room deciding to get rich and a lot of these countries, their leadership likes what they're seeing when they see that the entire, you know, northeast does not have energy flow.
KING: Disruption is the goal. Juliette Kayyem, Kaitlan Collins grateful for the hustle after that important briefing. Thanks for joining us today in Inside Politics. I'll see you back here this time tomorrow. Ana Cabrera picks up our coverage after a quick break. Have a good day.
(COMMERCIAL BREAK)
[13:00:00]