WASHINGTON, D.C. (Nexstar) — Texas Congressman Tony Gonzales suggested the United States should take cyber actions against Russia, in an interview with Washington Post Live on Wednesday.
Gonzales, a former Navy cryptologist, told Washington Post reporter Marianna Sotomayor such action against Russia would be “a small taste of what could happen if you go into Ukraine.”
“One thing in particular that I think we haven’t used is cyber. This is an instrument in our toolbox that we can use to deter the Russians before there’s a kinetic response,” the Republican said. “So instead of sending tanks and troops and aircraft carriers and planes, why not flip a switch and maybe turn off some oil pumps in Russia?”
Russia warned Wednesday it would take “retaliatory measures” if the U.S. and its allies reject its security demands for Ukraine to be prohibited from joining NATO. Secretary of State Antony Blinken responded saying NATO is committed to an open-door policy for new members.
Russia has massed an estimated 100,000 troops near Ukraine in recent weeks, sparking fears it is planning to invade.
On Monday, the Department of Homeland Security warned Russia might pursue a cyberattack against the U.S. as tensions escalate over Moscow’s buildup of forces near the border with Ukraine.
This was the subject of a cybersecurity panel on Wednesday, featuring Texas’ chief information officer Amanda Crawford and a state representative.
Crawford described addressing cybersecurity as a “team sport,” talking about the lessons learned from past cyberattacks on Texas businesses and lessons learned. She said it’s crucial for companies and local governments to have planned action responses.
“Certainly we want to come forward with the best cybersecurity technologies to prevent these things from happening, [but] we got to have a good preparation, we got to have a good plan,” she said.
Texas is set to receive $42 million federal dollars for cybersecurity, from President Joe Biden’s infrastructure plan.
Cybersecurity experts say these investments are crucial, as many small government entities have antiquated software and systems, making them more vulnerable to a hack.
Nitesh Saxena, a computer science and engineering professor at Texas A&M University, said these issues also go beyond system upgrades.
“Many of these attacks that we are talking about, mostly the nation-state attacks, they actually start from some vulnerabilities that are triggered by things like authentication hacks,” he said.
As an example of this, Saxena pointed to the 2020 cyberattack on Austin-based SolarWinds — an I.T. and security company — which led to a massive attack on the U.S. government in which multiple agencies were hacked.
“That’s why the attackers are always looking for these weak targets,” he said. “So if out of like millions of users, you find hundreds of users who are weak and you can compromise their accounts, you can actually have this snowball effect. And we’ve seen that in the case of SolarWinds.”
The panel discussed the importance of public-private partnerships and communications about what they’ve learned from cyberattacks, possible threats and how to better train employees to avoid things that could let a hacker in. Saxena said some of the biggest ways a hacker can gain access is through weak passwords, lack of multi-factor authentication and phishing scams.