LAS VEGAS – The U.S. needs to remain vigilant in efforts to protect against potential Russian cyberattacks as the war with Ukraine presses on, Cybersecurity and Infrastructure Security Agency (CISA) Director Jen Easterly said Thursday.
Although Russia has not made a significant cyber strike against the U.S. to date since invading Ukraine last year, Easterly said “we can not assume that won’t happen going forward.”
“It looks like it’s not going to end anytime soon. We need to continue to be vigilant, keep our shields up, and ensure that we are putting all those controls in place,” she said on a panel at the Consumer Electronics Show in Las Vegas.
Easterly said Russia miscalculated the war effort, underestimating both the resilience, capability and courage of the Ukrainian army it would face and the united front the U.S. and other allies would put up against Russia.
“I think they thought it was going to be a quick and easy drive down to Kyiv,” she said.
At the same time, she said Russia “calculated well” that a strike against U.S. infrastructure would be considered “very escalatory,” which could be a reason why Moscow hasn’t taken such action. But she said the government and the private sector need to stay on guard to keep protections in place.
During the talk, Easterly also urged an incentive structure shift that would push companies to prioritize cybersecurity at the outset of designing products and services. The current ecosystem puts the burden on consumers who have the least understanding of threats and are the least prepared to defend themselves, she said.
George Kurtz, the CEO of CrowdStrike, echoed that sentiment.
“If you’re putting the onus back on the consumer, you already lost,” Kurtz said during the same panel.
Easterly also expressed some concerns about new generative artificial intelligence (AI) technology, such as the Chat GPT program that’s become increasingly popular.
Easterly said she is most worried about such capabilities being used by “people who don’t have the democracy values that we have.”
Asked about a potential ban on TikTok, the video-sharing app owned by Chinese-based ByteDance, Easterly declined to give a forthright answer but noted the “ongoing debate” and said to be mindful about giving “deep access” to companies that are not focused on U.S. well-being.
TikTok bans, at least on government devices, gained popularity at the end of last year. Several GOP-led states put such bans in place, as did Congress last month as part of a federal funding bill.
TikTok has continued to defend itself against accusations that it poses national security concerns.
TikTok spokesperson Brooke Oberwetter previously told The Hill in a statement that “politicians with national security concerns should encourage the Administration to conclude its national security review of TikTok.”