Featured
By Gabrielle Meyers, Potomac Institute Communications Intern
On May 14, 1796, Edward Jenner administered the first vaccine against smallpox.
Testing the correlation between surviving cowpox and being immune to smallpox, Jenner injected material from the cowpox lesions of a milkmaid named Sarah Nelms into eight-year-old James Phipps. Phipps did experience some side effects, including chills, mild fever and discomfort, and a loss of appetite, but he got better. A few months later, Jenner tested the efficacy of the vaccine by injecting Phipps with actual smallpox.
Though the vaccine proved successful, Jenner’s first paper was rejected by the Royal Society in 1797. He conducted more tests in the following years, leading him to publish An Inquiry into the Causes and Effects of the Variolae Vaccinae. Gradually, people began to support vaccination- by 1801, the Russian Empress was encouraging vaccination- and Jenner went on to receive worldwide recognition.
Despite this, Jenner was not technically the first person to discover vaccination, since Benjamin Jesty inoculated his family with cowpox more than twenty years earlier. However, Jenner was the first to treat it as a science and pursue its development scientifically, making him the “Father of Immunology.”
Since then, many vaccines have been developed. The first laboratory-developed vaccine, developed by Louis Pasteur, was created in 1879. Pasteur would also go on to develop the rabies vaccine in 1885. Frederick F. Russell developed the first typhoid vaccine in 1909. Max Theiler developed the yellow fever vaccine in 1936, winning him the 1951 Nobel Prize. Over twenty years after the devastating Spanish flu pandemic, the first flu vaccine was approved for military use in 1945 and civilian use in 1946. The first DTP (diphtheria, tetanus, and pertussis) vaccine was made available in the US in 1948. Jonas Salk was able to vaccinate his family against polio using his vaccine in 1953, but public vaccine trials wouldn’t start for another year. Though the measles vaccine was licensed in 1963, the mumps vaccine was licensed in 1967, and the rubella vaccine was licensed in 1969, these would all be moot next to the development of the MMR vaccine, which was licensed in 1971. Furthermore, Maurice Hilleman, who developed the mumps vaccine, would also be responsible for the creation of the chickenpox vaccine, which was licensed in 1995. More recently, the HPV vaccine was licensed in 2006 and the Meningitis B vaccine was approved in 2014. The advent of the vaccines has changed the course of medical history, saving countless lives, and shaping how we view disease.
American politicians endorsed vaccination in its early stages. President Thomas Jefferson endorsed vaccination in 1806. In 1813, Congress passed An Act to Encourage Vaccination, which established the United States National Vaccine Agency. For decades, the government would even enforce compulsory vaccination to force the benefits of vaccination upon its citizens. Massachusetts, which in 1802 had been the first state to encourage vaccinating against smallpox, passed the first law mandating that schoolchildren be vaccinated in 1855. Since then, it has been common for schools and workplaces to have vaccine requirements rather than physically forcing people to get vaccinated. Unfortunately, not everyone accepts the science of vaccinations. In recent decades, the modern “anti-vax” movement has protested against such regulations, questioning the safety and efficacy of vaccines despite little to no evidence of danger.
Most recently, scientists have tested and have gotten emergency authorization for several COVID-19 vaccines. These vaccines were developed in record time due to the pressing need to reduce hospitalizations and deaths due to COVID-19 with the help of research on other coronaviruses. Already, schools and other places have instilled a COVID vaccine requirement in order to participate in person. However, people have been hesitant about getting these new vaccines, making it difficult to reach herd immunity.
Vaccines have been one of the greatest advancements in medical history. 225 years later, several vaccines have been developed in record time to address the current COVID-19 pandemic. Thanks to the vaccine, smallpox has been eradicated. Perhaps one day, the COVID vaccines will eradicate COVID-19 as well.
Colonial Pipeline Ransomware Attack Sparks Executive Action, but U.S. Cyber Infrastructure Still Vulnerable
On May 7, Colonial Pipeline, which is responsible for 45% of the East Coast’s fuel supply, proactively shut down 5,500 miles of pipeline in order to contain a ransomware attack that hit its corporate IT systems.
One day later, Colonial confirmed that it was indeed the victim of a ransomware attack. Ransomware is a form of malware that criminal groups use to encrypt systems and hold data hostage until the victim pays a ransom. Many criminal groups have taken to a double-extortion model, in which a copy of the victim’s data is exfiltrated before the victim’s systems are encrypted and the criminals threaten to make the systems permanently inaccessible as well as publicly release some of the stolen (presumably proprietary) information on the internet. Colonial Pipeline paid close to $5 million in cryptocurrency to the malicious actors to obtain the decrypting tool and restore the pipeline’s disabled network. Unfortunately, as it is often the case, the tool was slow, and Colonial was forced to use its own backups to ultimately restore service -- almost a week later.
Colonial restarted the pipeline in stages starting on May 12 but full restoration of fuel flows took several days. The incident throttled gas supplies across the eastern U.S. for at least a week and caused fuel shortages and a temporary surge in prices. As a result, the Federal Emergency Management Agency (FEMA) and the Department of Transportation (DOT) declared a regional state of emergency for 18 states to keep the fuel lines open. Meanwhile, President Biden invoked emergency powers to ease restrictions around fuel delivery and ensure that gas and oil supplies kept flowing to airports and cities along the East Coast.
Other recent major cyber-attacks were perpetrated by Russian and Chinese state actors or proxies, while the attack on Colonial has been confirmed to be the work of a criminal gang known as DarkSide. According to the FBI, DarkSide surfaced last August, and they have been investigating them since October 2020. While they are estimated to have made millions in extortion demands, their average ransom was $850,000. Curiously, DarkSide exercised a code of conduct in choosing its victims; hospitals, schools, nonprofits, and government agencies were considered off-limits. As a large for-profit company, Colonial fit its target profile.
After the FBI confirmed them as the perpetrators, DarkSide reportedly shut down its operations after their servers were allegedly seized and their cryptocurrency assets were transferred to an unknown account. DarkSide also lost access to their public data leak site and payment servers possibly due to law enforcement action. According to The Wall Street Journal, DarkSide announced its shutdown to its associates on May 14.
The attack on Colonial Pipeline brings to light two larger issues. First, it emphasizes the vulnerability of the U.S.’ aging critical infrastructure that has been connected to the internet, either directly or indirectly. Second, it affirms the trend in ransomware: the frequency and sophistication of ransomware attacks that have dramatically increased in the last year. According to cybersecurity experts, this is because of the rise of automated attack tools and the payment of ransom in cryptocurrencies, which makes it harder to trace perpetrators.
The FBI, Depart of Energy, and the Cybersecurity and Infrastructure Security Agency (CISA) of the Department of Homeland Security actively participated in the investigation and response to the incident. Actual cyber-attacks on energy systems are rare. This is the second time a pipeline operator has been targeted in a cyber-attack; CISA reported a ransomware attack on a natural gas compression facility of an unnamed company last year. Federal agencies are still checking in with other companies in the fuel industry to ensure that they are properly protecting themselves.
“Critical infrastructure owners and operators are going to experience deeper scrutiny by the government to ensure that they have stronger protections and can maintain a continuity of service,” said Melissa Hathaway, a member of the Board of Regents at the Potomac Institute and a cybersecurity expert. “The steps that management took to halt operational technologies (OT) because of ransom on the corporate IT networks suggest that the company’s networks were not properly segmented and that the malicious actors could have created even more disruption.”
In the meantime, on May 12, President Biden signed an executive order to bolster the cybersecurity of the federal government, improve its ability to respond to major cyber incidents, and improve information sharing between the public and private sectors. The order had been in the works for months but was released in the aftermath of the ransomware attack on Colonial Pipeline and after the SolarWinds supply chain compromise (attributed to the Russian SVR) and the Microsoft Exchange Server attack (attributed to Chinese state-sponsored actors). In response to the SolarWinds compromise the Biden Administration announced sanctions against various Russian entities. Both attacks initially appeared to be cyber espionage cases aimed at the theft of emails and other data, but the nature of the intrusion created “back doors” that could have enabled future attacks on digital and physical infrastructure.
The new executive order will create a new road map for cyberdefense by creating a series of digital safety standards for federal agencies and government contractors, setting up a Cybersecurity Safety Review Board to analyze significant cyber incidents and make concrete recommendations for improving cybersecurity, and increasing collaboration between companies and the federal government in terms of sharing intelligence on cyber threats.
However, some federal officials are not sure whether the order goes far enough. The new measures would not do much to stop attacks like the ones perpetrated by Russian and Chinese malicious actors, although they could help create better responses to ransomware attacks. Also, it is unclear whether the new requirements would apply to private sector companies like Colonial, meaning that it is unlikely that the order would have prevented the Colonial issue.
One thing is for certain, according to Hathaway: “Colonial will surely be further evaluated [by regulators] for the quality of its protections and its transparency about how it responded to the attack.”
Hathaway’s latest article, “Hijacked and Paying the Price: Why Ransomware Gangs Should be Designated as Terrorists,” speaks on the growing trend of ransomware attacks and the disruptive impacts on society, and the need to designate ransomware operators as terrorists. Read it here.
By Gabby Meyers, Potomac Institute Communications Intern
May 5, 2021 marked the sixtieth anniversary of Alan Bartlett Shepard Jr. becoming the first American to fly into space. Flying on Freedom 7, Shepard’s flight lasted 15 minutes, five of which were spent experiencing “weightlessness.” He reached an altitude of 116 miles above the atmosphere and a speed of 5,134 mph. Due to the positioning of the windows, Shepard was unable to see the stars, but did report seeing outlines of the west coast of Florida, the Gulf of Mexico, and Lake Okeechobee. Shepard’s experience proved that an astronaut could survive and work comfortably in space.
Shepard’s suborbital flight restored faith in the US space program. In the heat of the “space race” against the Soviet Union, the US program experienced a setback when the USSR sent Yuri Gagarin into space less than a month earlier. Shepard’s launch was initially scheduled for May 2, but was delayed due to the weather. However, in contrast to Gagarin’s flight, the details of which were kept from the public, Shepard’s flight was broadcasted on live television.
Shepard’s 15-minute flight opened the gates for new milestones in space. Less than a year later, John Glenn became the first American to see a sunrise and a sunset from space. His flight was significantly longer, lasting nearly 5 hours, during which he was able to circle the Earth three times. A few months after that, in October 1962, Walter M. Schirra sent the first live message from an American spacecraft to radio and TV listeners on Earth.
These, however, were all solo missions. The first time multiple astronauts were sent into space at once was in March 1965, which saw the first test of a two-seat spacecraft. Furthermore, none of these missions ventured further than Earth’s orbit, a barrier that was not broken until December 1968. Another common feature of these missions was that the ones that were broadcasted were done so on black-and-white television. This would not change until May of 1969. All of these breakthroughs built up to perhaps the most famous accomplishment in space history, when Neil Armstrong and Buzz Aldrin walked on the moon for the first time.
Space travel has shown us that discovery breeds discovery. As we go further, we will discover more, break new barriers, and reach even further. The Potomac Institute champions NASA and the progress the agency continues to make in space. We are excited to see the public and private partnerships that are taking the American space race to the next level, to Mars and maybe beyond. And continue to recommend strategy, policy and whatever else is asked of us to lead the world in this vital area.
Melissa Hathaway Featured article in The Institute for New Economic Thinking:
Hijacked and Paying the Price - Why Ransomware Gangs Should be Designated as Terrorists
Ransomware gangs have been causing extensive damage. It’s time that the government takes them more seriously.
Ransomware Operators Are Increasingly Acting Like Terrorists
One brazen incident has created a sense of urgency and catalyzed an acute awareness of the impacts of ransomware. The flow of roughly 45% of the fuel consumed on the East Coast of the United States has been halted because Colonial Pipeline’s information technology (IT) systems (computers, applications, and data) were hijacked by DarkSide, a ransomware operator with links to Russia. Colonial’s temporary halt of its pipeline operations was a proactive measure to protect those systems from being fatally encrypted like other parts of its corporate network. continued...
Click here to see the full article.
Melissa hathaway is a member of the Potomac Institute Board of Regensts, and a Senior Fellow.
By Tim Welter, Research Fellow, Potomac Institute for Policy Studies
The Biden administration’s flat top-line defense budget proposal of $715 billion riled up the annual debate on how much is enough to defend the country these days. But how much is not the important question. Rather, it is how those dollars are spent that matters most, a point recently emphasized by Rep. Adam Smith, D-Wash., the House Armed Services Committee chairman...