06.09.2021

June 9, 2021

When companies’ data are held hostage and they are presented with a demand for payment, should they just go ahead and pay?

Read Full Transcript EXPAND

BIANNA GOLODRYGA: Hello, everyone, and welcome to “Amanpour and Company.”

Here’s what’s coming up.

(BEGIN VIDEOTAPE)

JOE BIDEN, PRESIDENT OF THE UNITED STATES: Make it clear to Putin and to China that Europe and the United States are tight.

GOLODRYGA (voice-over): As President Biden hits the road for Europe, Belarus opposition leader Svetlana Tikhanovskaya throws down the gauntlet:

The U.S. needs to get tougher on authoritarian ruler Alexander Lukashenko.

Then:

ALEJANDRO MAYORKAS, U.S. SECRETARY OF HOMELAND SECURITY: Let’s all be stronger from a cybersecurity perspective, so that, actually, the — those

who wish to do us harm cannot succeed in doing so.

GOLODRYGA: A surge of ransomware attacks threatens to choke the global economy — why we’re vulnerable and how to fight back. I speak to security

expert Chris Krebs and ransomware negotiator Kurtis Minder.

And surgeon, scientist, inventor, philanthropist and owner of “The L.A. Times.” Walter Isaacson talks to Dr. Patrick Soon-Shiong.

(END VIDEOTAPE)

GOLODRYGA: Welcome to the program everyone. I’m Bianna Golodryga in New York, sitting in for Christiane Amanpour. Christiane is on medical leave

and will be back very soon.

Now, as President Biden lands in Europe for a week of summits, he sets himself a high bar. In his meetings with G7 and NATO leaders and his face-

to-face with Vladimir Putin, the U.S. president is out to prove the viability of democratic institutions and alliances.

But as leaders prepare to grapple with the economic and health shocks of the COVID pandemic, the climate crisis, and with crippling ransomware

attacks, an opposition leader from a beleaguered country of Belarus fires a shot across their bow.

Svetlana Tikhanovskaya appeared before the Senate Foreign Relations Committee today with an urgent call for a tough global response against

President Lukashenko’s brutal regime. Tikhanovskaya was forced to flee to Lithuania after she opposed Lukashenko in the fraudulent 2020 presidential

election there.

The former English teacher has quickly emerged as the leader of the democratic opposition. And she joins me now from Prague.

Svetlana, welcome to the program. Thank you so much for joining us.

SVETLANA TIKHANOVSKAYA, BELARUSIAN OPPOSITION LEADER: Thank you for the invitation.

GOLODRYGA: You spoke before the Senate Foreign Relations Committee today, where you sounded the alarm and compared Belarus under Lukashenko to North

Korea and Europe. Explain why and what was their reaction?

TIKHANOVSKAYA: Lukashenko now doing everything to isolate the Belarusian from the world.

He is trying to silence people, to threaten people, to make people scared. Thousands of people are in jail. Thousands of people who had courage to say

their words against regime.

And now he is torturing people, he is violating people just to make them to make them silent.

GOLODRYGA: You mentioned people in jail.

There are currently more than 470 political prisoners alone in prison just over the past few years under Lukashenko. After he ordered that Ryanair

plane to land in Minsk to arrest and detain that opposition journalist Roman Protasevich, we saw a number of sanctions from neighboring E.U.

countries, the United States as well, basically isolating the country.

This is something that you were in favor of as well. And the U.S. ambassador to Belarus, Julie Fisher, who, incidentally, is not allowed into

the country by Lukashenko, she has warned that there will be more sanctions coming.

Is the response appropriate, in your opinion, or should there be a greater response?

TIKHANOVSKAYA: No, I think that democratic countries’ most powerful leverage is sanctions.

And sanctions scare the regime of Lukashenko, because this economic isolation will not let him to pay to riot policeman. And this will —

sanctions will stop violence, will help to release political prisoners.

And we have already had three packages of sanctions list from European Union and sanctions from the USA. And after this accident with fight, we

hold that response of European Union will be much, much stronger, because now Lukashenko is threatened, not only to the Belarusian people, not only

inside the country, but he’s threatened to international community.

GOLODRYGA: And with his back against the wall now, as he is isolated, that puts him into the orbit of Vladimir Putin, who really is his benefactor.

The two met last week in Sochi. And we know that Vladimir Putin has extended more credit, more money to the beleaguered country. He was just

asked last week, Vladimir Putin was asked, what would he do? Would he bring a plane down in a similar fashion if a dissident was on board? And he sort

of joked and laughed: I’m not going to tell you.

With all of that in mind, we know there’s going to be an upcoming summit next week between Vladimir Putin and President Biden. What would you advise

President Biden to say to Vladimir Putin in regards to Lukashenko in Belarus?

TIKHANOVSKAYA: No, I think that Mr. Biden has to pass full, clear messages to the Kremlin, that the situation in Belarus is not able geopolitics. It’s

our fight against regime inside the country.

The second message is that to get out of this political and humanitarian crisis, we have to help new friends, their elections, this year. And the

third message is that Russia has to stop support regime — Lukashenko, because supporting the regime of Kremlin is supporting violence and torture

in Belarus.

And the fourth one and the last, that independence and sovereignty of Belarus is not for trade.

GOLODRYGA: Do you worry that continued sanctions and pressure against Lukashenko will only help Putin, in the sense that he has long wanted to

bring Belarus back into the Russian orbit?

Your hopes and your dreams for your country are to be a free democracy. Are you worried that the sanctions may be counterproductive and could help

Putin more than hurt Lukashenko?

TIKHANOVSKAYA: You know, we have to emphasize that sanctions are against the regime to stop violence and release political prisoners.

And integration of Belarus into Russia is already too tight. And the last step is losing sovereignty. And we send clear message that people will

defend our sovereignty.

So we have to, like, urge the Kremlin that people will defend the sovereignty and that Kremlin doesn’t have to use weakness of Lukashenko

just to reach any aims.

GOLODRYGA: And, as we mentioned, this heightened tension and the pressure on Lukashenko stemmed from the detainment of Roman Protasevich

We saw that horrible video of him last week in that mockery of an interview, where you could tell that he was forced to speak the praises of

Lukashenko. There were marks on his arms. And you see him crying there, clearly in a lot of stress and under a lot of stress.

His father has reported that he is severely ill with tonsillitis. How concerned are you about his welfare? And what do we know?

TIKHANOVSKAYA: Yes, Roman’s lawyer didn’t get access to Roman for 10 days.

And, today, we know that, already, his lawyer had opportunity to visit him. And he’s badly damaged. He’s in awful moral situation. And we are sure that

he was tortured. Lawyer can’t say everything about his state, but we all know in — how such videos are shot, under what pressure people are there

in jails and they’re tortured to say what regime wants to hear.

GOLODRYGA: Svetlana, you know this firsthand. You’re not only fighting for the freedom of your country. You’re fighting for the freedom of your

husband as well.

You were not in this position just a couple of years ago to be an opposition leader. It was your husband who initially had taken on

Lukashenko in that mockery of an election. Your husband has been in jail now for a year.

And you testified today that your 5-year-old daughter equates jail with a business trip. And that she always asks, when is he going to be home from

that trip?

What has this been like for you, and how is your husband doing?

TIKHANOVSKAYA: You know, my husband, as you said, the whole year in jail, innocent person.

And, of course, his moral state is awful. It’s — you see, he’s losing his years of life. He’s losing his health there. And, of course, we have to do

everything possible to release him and other political prisoners as soon as possible.

As for me, political prisoners are — make me keep going, because I feel all this pain, as the wife of a political prisoner, as the friend of

political prisoners, as the relative of political prisoners. And I understand that they sacrificed with their lives, years of their lives, to

give us opportunity to continue this fight against regime.

So, this keeps me going. And I will do everything possible to release all of them and bring our country to new elections just because of sufferings

of those people.

GOLODRYGA: And those sufferings have been seen around the world, as have the valiant and brave protests, in particular of so many women, Belarusian

women, fighting for independence and democracy. And, obviously, you have been leading the way there.

Svetlana Tikhanovskaya, thank you so much for joining us today. And, of course, we will continue covering your battle as well.

TIKHANOVSKAYA: Thank you. Stand with us.

GOLODRYGA: Thank you.

Well, cybersecurity is another critical priority for Joe Biden’s meetings with world leaders this week. Ransomware attacks surged in 2020, with more

than 300 million cases reported.

So, when President Biden meets Vladimir Putin in Geneva, he will challenge Putin to crack down on cyber criminals operating with impunity inside of

Russia. Already this year, ransomware threats jammed energy and food distribution in the United States.

Correspondent Alexander Marquardt has the latest in this report.

(BEGIN VIDEOTAPE)

ALEX MARQUARDT, CNN SENIOR NATIONAL SECURITY CORRESPONDENT (voice-over): One month after the cyberattack by Russian hackers that crippled Colonial

Pipeline and caused long lines at gas stations up and down the East Coast, the company’s CEO defended his decision to pay the attackers $4.4 million.

JOSEPH BLOUNT, CEO, COLONIAL PIPELINE: It was the hardest decision I have made in my 39 years in the energy industry. And I know how critical our

pipeline is to the country. And I put the interests of the country first.

MARQUARDT: CEO Joseph Blount, who said his company carries almost half the fuel on the East Coast, said he was deeply sorry for the impact of the

breach, but argued his focus was getting operations back up and running.

BLOUNT: I believe with all of my heart it was the right choice to make. But I want to respect those who see this issue differently.

MARQUARDT: Blount admitted that, despite spending $200 million in the past five years on cybersecurity, they did not have a plan for the growing wave

of ransomware attacks.

In the immediate aftermath of the attack on Colonial’s I.T. system, Blount said they contacted the authorities.

BLOUNT: And we reached out to the FBI within hours.

MARQUARDT: It was that cooperation, both he and the Justice Department now say, helped the FBI track down and recover most of the ransom paid, the

cryptocurrency Bitcoin to the Russian hacking group DarkSide.

LISA MONACO, U.S. DEPUTY ATTORNEY GENERAL: Ransomware attacks are always unacceptable. But when they target critical infrastructure, we will spare

no effort in our response.

MARQUARDT: The six-day shutdown of the pipeline was a startling reminder of how vulnerable the country is. It was immediately followed by another

attack also by Russian cyber criminals on the world’s biggest meat producer, JBS Foods, which took all of their American beef plants offline.

SEN. GARY PETERS (D-MI): Cyberattacks used to be merely an inconvenience. We now know that they’re becoming attacks on our very way of life.

MARQUARDT: And hours before today’s Senate hearing started, news broke that a service for constituents in almost 60 congressional offices had been

targeted in a ransomware attack. So far, there’s no evidence any sensitive information was obtained. But it underscored our new reality.

SEN. ROB PORTMAN (R-OH): No one is safe from these attacks, including us.

MARQUARDT (on camera): It is that recognition that society across the board is vulnerable to these growing attacks that has made this such a

focus for the White House.

It is rare to have cyber issues mentioned so frequently as presidential- level priority heading into a series of major international meetings, but that will be the case over the coming weeks, as President Biden travels to

Europe, both in his meetings with G7 and NATO partners and, of course, in that critical summit with Russian President Vladimir Putin, where Biden is

expected to tell Putin that Russia has to crack down on these cyber criminals operating from Russia against the United States.

(END VIDEOTAPE)

GOLODRYGA: Alex Marquardt reporting there.

Well, let’s dive deeper into this now with Chris Krebs, co-founder of the Krebs Stamos Group and former director of the U.S. Cybersecurity and

Infrastructure Security Agency. He is joining me now from Washington.

Chris, great to have you on the show.

And I think it’s telling as to how prevalent these cyberattacks are that we continue to see you on our airwaves. You were covering this, obviously,

behind the scenes. But for millions of Americans, this isn’t something that was front and center. And now it is.

Last year alone. 2,400 U.S.-based governments, health care facilities, schools were victims of ransomware attacks. Obviously, we now know the

Colonial Pipeline, the JBS meat supplier, some of the more high-profile.

Why are they becoming so much more prevalent?

CHRISTOPHER KREBS, FORMER DIRECTOR, CYBERSECURITY AND INFRASTRUCTURE SECURITY AGENCY: Bianna, thanks. Thanks for having me on.

Well, look, I think what we’re seeing here more than anything is an accretive problem, in that ransomware attacks have been going on for a

number of years, a decade or more. But with the prevalence of cryptocurrencies that enable payment, a — perhaps a safe haven within

states like Russia, allowing it to happen, and, frankly, a very vulnerable critical infrastructure base here in the United States, those three things

have come together and seen this explosion, at least of what we have seen over the last several months.

But, again, it’s been happening for quite some time. And unfortunately, there are — there’s not yet been enough done, including putting

consequences on the ransomware actors, to really change the calculus of any of these attacks.

GOLODRYGA: Well, it’s risen to the level of an executive order issued by President Biden just a few weeks ago.

And this order requires federal agencies to implement additional I.T. security measures and set standards for commercial software.

You call this an ambitious order. This is for the federal government agencies, of course, but do you anticipate that this will trickle down to

the private sector as well?

KREBS: I do.

I think that executive order, released about a month or so ago, was actually prompted by some of the espionage-based attacks that happened

earlier in the year and even at the tail end of the Trump administration.

But there will be cascading effects, because the products, the software products and services that the federal government buys are the exact same

products and services that our critical infrastructure owners and operators buy and deploy.

So, those requirements that will be leveraged by the purchasing power of the federal government will have a cascading effect over the private

sector.

GOLODRYGA: And we saw why this is a national security threat, given what happened with the Colonial Pipeline shutdown and that cybersecurity hack

there.

When you look, however, at what even the CEO has been testifying before lawmakers, he said today: “We have rebuilt and restored our critical I.T.

systems and are continuing to enhance our safeguards. But we are not yet where I want us to be.”

Does that alarm you?

KREBS: It’s perhaps alarming, but, at the same time, not necessarily unexpected.

I would probably take it up a few levels above the Colonial issue and just think more broadly about our critical infrastructure, businesses in this

country.

Every single chief executive, every single leadership team needs to be watching these hearings and saying, how am I going to improve my

organization cybersecurity posture?

Every single senior leadership team in every business in America should be asking questions amongst their security team, their legal team, their

boards of directors: What are we going to do if we get hit with a ransomware attack? How are we going to respond? Can we recover? Who are we

going to call, and how quickly, and are we going to pay the ransom?

There are things you can do right now to prepare for an event and prevent it, but, most importantly, if you do have that bad day, that you can

respond and recover perhaps a little bit better than you would have previously.

GOLODRYGA: And it’s not only CEOs and investors who are paying attention now. Everyday consumers are too, right, when you can’t go get your beef at

the grocery store, when you’re waiting for hours to put gasoline in your car. You see that trickle-down effect in real life.

A lot of these attacks originate, these hackers are in Russia. They originate from Russia or former Soviet republics there. We know that

President Biden will be meeting with Vladimir Putin next week. And this is a very top priority for them to discuss.

Whether or not Putin has signed off on these hacks, there’s a clear sense that he’s not doing enough to clamp down on them, one of the indications

being that it’s not necessarily Russian companies that are the recipients of these attacks.

And, in fact, I know that there is study and investigation showing that, when these hackers see Cyrillic keyboard use, they tend to leave these

companies alone.

So, aside from “knock it off,” what is it that President Biden should say to Vladimir Putin to at least deter him or to put more pressure on him to

handle this differently?

KREBS: Well, I think, to start with, this is not a uniquely American problem.

The Irish national health system, there have been French companies German companies, European countries all over the place that have been hit with

ransomware attacks.

And so we have allies through the G7 and the G20. And so, when you look at the president’s European swing here, he will be bringing up, as I

understand it, ransomware at every stop. And so, when he — when the president does meet in Geneva with President Putin, he will have a group of

other countries and multilateral groups flanking him, saying, we have had enough. It’s time to clean up the Russian Internet ecosystem and not allow

this stuff to happen anymore.

And there are things that individually we can do as countries, including perhaps enhanced regulation over cryptocurrencies, more stringent

requirements over hosting and other Internet-based services. Those are the sorts of things that can make it harder for the criminals to act.

But, fundamentally, we cannot accept, as a global community, safe harbor for these criminal groups that are, frankly — it’s only going to get worse

in the coming months and years.

GOLODRYGA: And, typically, the sort of policy from the U.S. government is not to pay these ransoms, to avoid paying them, because they set a

precedent.

And, obviously, we have seen the price tag on these ransoms go up over the years. However, there are some critical infrastructures, like hospitals,

where you do need to pay. You don’t really have much of an option in your deciding whether or not to pay these — this exorbitant fee or to keep

people alive.

So how do you break that down as far as your approach to this? I know that you fundamentally believe that this should not be taking place, but, in

these life-or-death circumstances, what should companies do?

KREBS: Well, I — you already hit it, in that I am fundamentally a don’t pay. I fall in that camp.

But I understand there are edge cases that may require, certainly in life- or-death situations or existential issue — your risks for the companies themselves, that they need to pay.

I think, at a minimum, we have to have mandatory reporting, not just on ransomware incidents, but larger-scale cybersecurity incidents, like what

we saw last year with the Russian SVR hack on a Texas software company, SolarWinds.

We have to provide more information to law enforcement and my old agency, CISA, to ensure that we understand what’s happening out there, because

without — with imperfect information, you make imperfect decisions. And we have to have a better understanding of what the real denominator,

particularly for ransomware attacks are.

And so it’s mandatory reporting, at a bare minimum.

GOLODRYGA: We know, Chris, that — and you know that the U.S. government has the largest arsenal probably of cyber hacking tools, and that’s through

the NSA or the CIA.

And in terms of helping companies within the United States avoid these cyberattacks, should more tools be shared, obviously, not to the extent

that you give up any of your tactics with our targets or opponents around the world? But would that be more helpful if the U.S. government actually

shared some of these valuable tools with U.S. companies?

KREBS: I certainly think we need to continue sharing practical cybersecurity advice with our businesses here in the United States.

And the unfortunate reality is, is good basic cybersecurity practices are still hard to do. So we need our I.T. sector partners and our cybersecurity

vendors to make it easier to defend networks. So that’s point one.

Point two is, we do have capabilities within the intelligence community and the defense community that can be brought to bear to impose some costs, to

put some consequences on these actors. And I think what we’re really seeing come home to roost more than anything is, we have been focused on state

actors, state intelligence services.

And over time, given room to run, these criminal gangs, these cyber criminals have, unfortunately, been a little too success, if not a lot too

successful. And it’s time to draw our attention on them and make them feel a little bit of pain.

GOLODRYGA: Well, Chris Krebs, this is a very complicated subject matter. I think, for a lot of people at home, they find it intimidating and over

their heads, but the last few weeks and the last few months obviously, is a reminder that this is something everybody should focus on.

And I just want to end by saying, we have been talking about a lot of the hits that the U.S. has taken. Obviously, with your leadership, in terms of

the election in particular, that was an overwhelming success. So thank you so much for keeping us safe in that aspect. And thank you for joining us

and breaking it down for us. We appreciate it.

KREBS: Thanks, Bianna.

GOLODRYGA: Well, listening to that is someone with a slightly different perspective.

Kurtis Minder is the CEO of GroupSense, a cybersecurity firm. He’s also a ransomware negotiator.

Welcome to the program, Kurtis.

And that is sort of a new term for us, a ransomware negotiator, but here we are.

First of all, walk us through what it is your job entails.

KURTIS MINDER, CEO, GROUPSENSE: Well, ransomware negotiation is a small part of what our business does.

We sort of fell into it about two years ago sort of accidentally. And over the last two years, we have spearheaded negotiations for large enterprises,

small businesses, and everything in between, basically facilitating the communication between the victim and the ransomware operators.

GOLODRYGA: So, when you heard that conversation I just had with Chris Krebs, where he said, in most circumstances — obviously, you have to take

one — each has their own, especially when there is life and death at stake — but, for the most part, he, along with the U.S. government, advise

against paying these ransoms, what is your response to that?

MINDER: I actually work closely with law enforcement.

Every time we do one of these incidents, we work with the local FBI field office. We encourage our clients to notify law enforcement each time. And,

yes, they do advise not to pay the ransom.

However, many of these companies are small businesses or medium businesses that there is no other option. It’s either pay the ransom or go out of

business. And, of course, in the case of health care or critical infrastructure, people could be in harm.

So, until there’s a better option, I think it is necessary to leave this on the table as a possible tool to resolution.

GOLODRYGA: If you don’t mind me asking, how does one train to become a ransomware negotiator? I know that this is something you have picked up

over the years through experience. But is this going to be sort of a new model, a new profession?

Where did you get your background?

MINDER: Well, I certainly hope this doesn’t become a pervasive profession. I hope — some of Chris’ points, I hope, with some government intervention

and some better cybersecurity hygiene, this is a part-time thing and it goes away.

(LAUGHTER)

MINDER: But, as far as how do you train, the negotiation principles for negotiating with hostages, negotiating to buy a car, or negotiating with

threat actors are very similar.

The difficulty in training what we do is, in most of the other cases, you can read tone, intonation, things like that. In this case, we’re often

negotiating over a Dark Web chat site. So we — it’s almost like negotiating over text message, which makes it very difficult to read those

things. And those things are important.

So, there is a skill to learning the language. And many of these threat actors that we’re dealing with are English as a second language, obviously,

so reading through their poorly translated words to find sort of nuances and tone.

GOLODRYGA: Yes. I know your girlfriend has actually been helpful for you in that sense, because she speaks Russian and Romanian and some other

Eastern European languages. And she’s taught you — or you refer to a lot of these hackers as grasshoppers or kuznyechiks, right?

(LAUGHTER)

GOLODRYGA: Why do you try to develop a relationship with what most people would just assume are bad guys?

MINDER: Well, you don’t want to go into it calling these folks bad guys. They know what they’re doing is wrong. Everybody’s going to justify their

actions in some way.

So, just driving toward the desired outcome, which is to reduce the ransom to the most — the smallest amount possible, the best approach is to treat

these folks like business associates and the whole process like a business transaction.

GOLODRYGA: But, I mean, I guess it’s hard to — I mean, I understand your — where you’re coming from and your perspective.

But I think, for those at home or those who have had to wait in line for days to get gasoline or worried about beef or whether they’re going to be

hacked, they don’t view this as a business transaction. They view this as a black-and-white bad guy, good guy.

And what do you say to those who may think that you’re encouraging this type of bad behavior?

MINDER: Well, we certainly don’t want to pay the threat actors any more than the victims do.

But, like I said, in this case, if there were a better option — and I think Chris alluded to this, that, if the U.S. government could put

together a comprehensive program that not only helps companies prevent this on the front end with a basic cyber hygiene, but also helps with the

recovery without paying the ransom, then we could avoid this altogether.

In the case — in most cases, though, this is one of the only tools available to these companies to solve the problem. And regardless of

whether you negotiate or not, those companies are actually impacted by this.

So, there’s going to be lines at the gas stations regardless, and potentially it could be longer to recover.

GOLODRYGA: And what makes this more difficult and more challenging, as to what Chris alluded to as well, is the role of cryptocurrency, right, and

blockchain. It’s much harder to trace for this specific reason.

And I want to get your reaction to what the U.S. government did in trying to claw back some of that money that was paid from Colonial Pipeline just

this past week, about $2.3 million in Bitcoins.

Does that change the game? Was this sort of a one-off or did you see something there that could actually help penetrate and maybe minimize some

of these attacks in the future?

MINDER: Well, so, you know, our day job is actually cyber reconnaissance. So, we spend a lot of time tracking, tracing bad guys and we do a lot of

cryptocurrency tracing and tracking, both with the transactions and in our regular day jobs.

So, what I would say is, yes, it’s impactful. However, the threat actors have a lot of options. And they will simply move to other platforms that

are less likely to be able to be traced. So, we’ve even seen this in the transactions we’ve done in the last year, where a lot of the threat actors

are moving away from the Bitcoin platform into other platforms like Monero, which are very difficult to trace.

GOLODRYGA: When the government would tell a CEO of a company that’s been hacked, right, and has ransomware demanded of them and pay, would you

suggest, like the government does, that they notify authorities first or reach out to you? Because you said you work with authorities, but how — is

it you work both ways or — I mean, explain that to us?

MINDER: So, when we get called in on an incident, the first thing we do is we have a business discussion with the client about the impact of the

business. That’s going to help us determine whether we pay the ransom or not. The next thing I do is encourage them to involve law enforcement. And

some of them choose to do that, some of them do not.

In any case, wherever we are asked to cooperate with FBI, whether that’s giving them indicators or threat intelligence data that we collect, we

absolutely comply with that. And we’re very friendly with those organizations.

GOLODRYGA: We’re spending a lot of time focusing on Russia right now, and rightly so. That’s where a lot of these hacks originate. What is there that

you see, perhaps, that we don’t? What worries you? What keeps you up at night in terms of the next level of these attacks?

MINDER: Well, Chris has said one of my favorite things, which was, until there’s sequences, this is only going to escalate for the threat actors.

What we’ve seen is, as we crack down on the ransomware, whether it’s better backups or the software to prevent it or decryption capabilities, we will

see them pivot to other methods. And we’ve even seen threat actors move to other business models where they just exfiltrate or steal the data and then

sell that data on an underground marketplace or do an extortion attempt against the victim.

So there — until the — as long as they can operate in — you know, with impunity and amnesty inside their country, whether that’s Russia or Belarus

or something similar, you know, it’s going to be difficult to stop this.

GOLODRYGA: What has been the response from your clients? I would imagine this is an industry where it’s not a thing if you have repeat customers.

But what has the response been in general? I know in reading an interview with you, there had been times where you had wanted to continue

negotiating, because you thought that you could lower the price tag even more, and you had some clients say, no, no, no, we’re willing to pay this.

What has their reaction been in general?

MINDER: Well, it depends on the size of the companies. For the larger companies, you know, the publicly traded companies, there’s a lot of people

involved, including lawyers, internal and external counsel that are real driving those decisions.

For almost everyone else, you’re talking about an individual operator, maybe one or two I.T. professionals, it’s a very emotional situation. So,

you know, a lot of people are potentially going to lose their jobs. People who have built businesses for 10 years might lose that business. And so,

part of this whole process is also being a counselor in helping them remain objective during this, you know, unfortunate event.

GOLODRYGA: This is so much about relationship building. And I’m wondering if part of you works on rehabilitating these hackers, right? And some of

them just identify themselves as bad guys. Some say they have a mission and they’re trying to do good work or what have you. Whatever their motivation,

do you try to bring them onto the — you know, the other side, to work with you?

MINDER: Well, with the individual operators, there’s always an opportunity to get to know them better. And we have opened dialogue sometimes with

those folks. I have not hired any of them, but we have sort of casual conversations about what they’re doing and the impact of those things. I

can’t tell you whether that was effective or not.

The rest of the ransomware operators are largely operating like a business. Many of the folks we’re dealing are employees of the larger entity. And

it’s very much a transactional thing. And so, you know, you’re not able to really penetrate at that level.

GOLODRYGA: Well, Kurtis Minder, it’s been an educational time talking to you. I’ve learned a lot, and I would imagine a lot of your clients are very

happy with and satisfied with the work that you do in bringing their suffering to an end. That is a terrible note to get anytime somebody opens

their computer and see that they have been attacked and demanding ransomware.

Thank you so much for joining us. We appreciate it.

MINDER: Yes. Thank you so much for having me.

GOLODRYGA: Well, it’s hard to know where to begin with our next guest, as his resume is so packed to the gills, it’s almost tough to wrap your head

around. Born in South Africa to Chinese parents, Dr. Patrick Soon-Shiong studied medicine, then went to the United States where he became a

transplant surgeon and researcher for NASA. That wasn’t enough. He then invented the cancer drug, Abraxane, which put him on the path to becoming a

billionaire.

In 2018, he bought the “Los Angeles Times,” but he’s still very much in the biotech world, working of develop a new form of COVID vaccine. Here he is

discussing it all with Walter Isaacson.

(BEGIN VIDEO CLIP)

WALTER ISAACSON: Thank you, Bianna. And, Dr. Soon-Shiong, welcome to the show.

PATRICK SOON-SHIONG, EXECUTIVE CHAIRMAN, IMMUNITYBIO: Thank you for having me.

ISAACSON: You bought the “Los Angeles Times,” a storied newspaper, and as an old journalist, I have a question, which is, why would a surgeon with no

media background, who becomes an immigrant to the United States want to own a newspaper?

SOON-SHIONG: Well, I think it’s all about my upbringing, right? So, I was born in South Africa under apartheid, and the only thing that really kept

me alive and inspired and educated was a newspaper. So, the “Evening Post” and the “Herald,” I would be there every day, I would be at the printing

press as the paper came off. So, it was in my blood, so to speak.

And when the opportunity came for the “L.A. Times,” which I was very, very fearful of it being lost and it speaks to power. It’s important for

democracy. It’s important for free speech. And frankly, it’s an educational tool. So to me, it was a great opportunity for me to take this storied

newspaper and try to survive it.

ISAACSON: When you were reading newspapers in South Africa, during a period of apartheid, tell me the importance of that.

SOON-SHIONG: Well, you know, think about all of the hardships and the atrocities that some of the people would go through, and people who had the

bravery and the courage to report that. Some of them were locked up. Some of them were put in house arrest. But that inspired us to — or inspired

me, at least, to be able to go to a single source of truth, at least.

And so, again, I think it’s important that a newspaper be a place where they could be some truth and integrity.

ISAACSON: So you came over to Los Angeles, the medical training, you become a surgeon. How did your career take off in order to allow you to do

things like buying newspapers?

SOON-SHIONG: By accident, honestly. Because, really, the pursuit of my — the science and the pursuit of the dream. So, you know, I came, as I said,

from South Africa to Canada and from Canada, got recruited to UCLA. And Los Angeles was this cauldron of amazing innovation. Caltech, UCLA, USC, major

schools. And as an assistant professor of surgery, I also got involved in NASA. So, it’s not very well-known that I was also part of the space

shuttle program.

So, my lens was from a surgeon that was doing pancreas transplant, and then other part of my other lens is there’s a surgeon doing what we call

whipple, so pancreatic cancer. So, I had a sort of unique view of the immune system of the human being. And from that, that forged everything

I’ve done and everything I’m still doing with regard to trying to activate immune system.

ISAACSON: And so, you became a biotech entrepreneur. How did you end up making so much money at that?

SOON-SHIONG: It wasn’t an entrepreneur’s perspective. It was really a scientific’s clinician. So, I looked upon this as a clinician trying to

establish a global practice of medicine. So, my first vision was to actually create this nanoparticle of albumin for cancer. And, again, I was

going against dogma. Everybody, and still to this day, was given high-dose chemotherapy to kill the tumor. And I recognized that, in fact, in so

doing, we actually wipe out the immune system.

So. I wanted to create a nanoparticle, and it turns out that albumin is ubiquitous. All tumors, regardless, you lose weight. So, I surmised that

maybe the whole thing is the tumor is eating albumin. So, why wouldn’t we create a nanoparticle of albumin and allow the tumor to feed on that? And

remember, those were the days when people were talking about starving the tumor. I said, let’s feed the tumor, but feed it rat poison.

So, that was the pursuit again of a strategy that was against dogma of a nanoparticle technology that didn’t exist. And if you may know, President

Clinton at that time just created the nanotechnology institute within the federal government.

So, the pursuit of that and when the hypothesis is correct and got approved for breast cancer, lung cancer vaccine (ph) did, Celgene went to that

molecule and I was happy to sell it because I wanted to go on to the next adventure. And that’s where the money came from.

ISAACSON: And how are you trying to create a new form of COVID vaccine, which I know you’re trying to bring into South Africa, which is facing new

strains of coronavirus?

SOON-SHIONG: Yes, you know, from the outset, when COVID hit in 2020 and 2019, we recognized that this is acting like cancer. This virus goes into

your cells and uses the machinery to escape, it uses the cell itself. So, blocking it alone with antibodies is not sufficient. You need to find way

to kill the infected cell. And the only way to kill that infected cell is with the T cell.

So, using our experience in cancer, by March 2020, we had the first gene we produced vial that was going after the innards of the virus as opposed to

just the surface of the virus. The innards called the N protein and the surface is called S protein. And so, our approach was to generate T cells

as well as antibodies. And that’s where we are now.

ISAACSON: And so, that’s fundamentally different from the messenger RNA vaccines that have been rolled out. Do you think that you’re going to pass

the clinical trials and have this used soon in South Africa and maybe the United States?

SOON-SHIONG: Well, we’ve already in trials in South Africa and we are already in trials in the United States. And the way to think about these

different vaccines is what we call a DNA vaccine, which is these adenoviruses, and then there’s an RNA vaccine and then there’s a single-

protein vaccine, as broadly three big categories.

It’s my belief, actually, that the best opportunity for long-term protection is to have a combination of one of these two. An RNA vaccine,

plus a DNA vaccine, or a protein vaccine plus a DNA vaccine, to allow different parts of the machinery of the human body to create different

elements of the immune system. That is a complex system’s approach that I’ve taken to cancer and I’m trying to take that to COVID.

So, it’s a marathon, as opposed to a sprint. We’ve gone through this sprint. I recognize mutations would occur. They have occurred. The variants

actually are nonresponsive now to the antibodies, which is predictable. So, we now are at the second stage, which are called the second-generation

vaccines, which we are now going bring through South Africa.

ISAACSON: Tell me about growing up in South Africa, from a family of Chinese immigrants.

SOON-SHIONG: Well, in a funny way, it was an upbringing that actually, as I said, forged everything I do. We couldn’t vote. We had no right to

property. We were poor shopkeepers. Yet, the people with whom we were surrounded by, Indian, black, Chinese-colored, so to speak, were in a sense

happy people. And that’s what I think wonderful about the South African culture. They are, in essence, happy people.

So, while there were indeed hardships and inequities, we grew up as a community. And I think what forged me, really, is to fight for the

underdog. And that’s what we’re sort of doing now. I was the first Chinese ever to be allowed to work in a white hospital. And the government said, if

I did that, I would have taken 50 percent of the salary of my peers. My peers wanted to go on strike, and I said, no, you’re not, because I want to

get the best education I can as an intern.

I was there during the 1976 Soweto uprising in which children were being shot in the back. So, I — and I volunteered. I went to the TB clinics to

help these kids. So, I think all of that background forged me as a physician, as a physician scientist, to see how I can bring technology and

create capacity in that country. And then lead from that country for all of Africa. That’s what’s needed now.

ISAACSON: How did that help inform your view or feelings about racism when you came to Los Angeles and became a newspaper owner?

SOON-SHIONG: You know, it gave me not only empathy, and you know, when you see Black Lives Matter, people have this verbiage. But unless you lived it,

you really don’t understand it. And racism is — overt racism, as it was in apartheid, but there’s subconscious racism. There’s unconscious racism and

there’s conscience racism.

And there’s — so, sadly, I began to realize, you know, when I came to this country, and, you know, UCLA is in a very nice neighborhood. And I was

looking for an apartment and then we had the ability to find a house, one of our neighbors said, how did you get the money to buy a house here?

And, you know, another USC professor said, maybe you should go back from where you came. You know, it’s — these are the kinds of statements that I

don’t think is unusual, it’s perverse in our country. And as I said, I had to stand up, especially with this Asian hate going on, that we need to

recognize it. And as a newspaper, we can speak against it, openly, and recognize it and not be afraid to call it when we can.

And ironically, I think South African is much more enlightened now, because of what Mandela has done in terms of reconciliation. The country is

enlightened. And I don’t think I see that enlightenment here yet in this country, ironically as it may seem.

ISAACSON: How could we get towards that enlightenment?

SOON-SHIONG: By recognizing who we are. You know, the country is both on the fabric of slavery. It is both on the fabric of racism. There still is

racism. And being very honest about it and recognizing it, and developing a level of compassion and humanity and dignity and respect. All of these

words are just words, but that’s happening in South Africa now, largely because of what President Mandela did with regard to reconciliation and

recognition.

So, maybe two or three generations, I’m hopeful this next generation or two more generations will begin to see this. Black Lives Matter and Asian hate

is not a political statement, it’s really hopefully a movement of recognition.

ISAACSON: When you bought the “L.A. Times,” you wrote an essay in the paper, saying that the paper had covered the city in a somewhat racist way

in the past. Tell me what you mean by that. Give me some examples.

SOON-SHIONG: Well, if you look at the history, obviously, which was before my time, way before when the Chandlers that had the paper and everything

else, and it is what it is. It’s not to speak disparagingly about the evolution, but if you look at some of the terminologies that we were using,

right? I mean, for example, President Ramaphosa rightly said, you know, the (INAUDIBLE) rights is not the (INAUDIBLE) rights, it was the uprising. And

it is a very subtle terminology. Again, it’s unconscious.

So, we needed our newsroom to understand, when they say things like that, what do they really mean? Is this unconscious bias? Now, it was much more

so before we took over and we’re trying to change that by really education of everybody within the organization. And I think the good news, I’m very

pleased to say, it’s really, really — I see real progress there.

ISAACSON: And what are you doing to change the coverage of the newspaper so that it’s done with a different racial perspective?

SOON-SHIONG: Well, I think one of the things, diversity of the newsroom itself, right? I mean, I think you can’t write about a Caucasian writing

about a Latino or somebody coming from African-American does not have the same empathy or perspective of somebody living in that community. So, we’re

trying to create a diverse newsroom, all across — all the way up to the editorial level.

And as you really now see, with Kevin Merida coming onboard, and his insights, I’m really excited about that. So, we need to change it all the

way from the lowest level all the way up to the editorial level.

ISAACSON: When you hired as your top editor, recently, Kevin Merida, who is one of the foremost African-American journalists and editors in the

United States, were you doing it consciously because you were seeking or trying or hoping to get a black editor?

SOON-SHIONG: No, it wasn’t — again, that would have been, in a funny way, a racist thing to actually even look at, right? So, it was really to find

somebody, one, who really understood the community, and before — because he was such a great journalist from “The Washington Post.” And then he went

into Disney and ESPN and understood sports and to the media and understood — and in addition, obviously, he had the knowledge and empathy of the

racial issues.

So, all taken together, he was truly the perfect fit for what we need. I mean, the paper has evolved to beyond the paper. It has involved into what

I call a media platform. It’s a challenge, but we’re going to get there.

ISAACSON: In order to buy the “L.A. Times,” there was some complex dealings with the Tribune company that owned all of the papers including

the “L.A. Times” at one point, that left you with a stake in the Tribune company. And just recently, they sold to a hedge fund, Aldine Capital,

that’s caused huge amounts of controversy. You didn’t try to block that. Why not?

SOON-SHIONG: Because I’m just realistic and pragmatic. You know, I was hopeful that there would be — in fact, there was, as you may know, two

other buyers that pragmatically, I had my hands full with the “Los Angeles Times” and the “San Diego Tribune,” which I thought it was really important

for me to survive.

That paper is losing money. But now, thank God, we’re doing a slow turnaround because of all of the millions of dollars we’ve put into this

infrastructure. And I knew just realistically, just doing — you know, so, frankly, I wanted the board to make its own decision. And as you know, what

I did was just an en vote (ph). The U.S. board need to go make this the right decision. And that’s what they did.

ISAACSON: But would you prefer that newspapers go into the hands of people like yourself who want to run them and that we should try to avoid them

going into the hands of hedge funds like this?

SOON-SHIONG: Of course. I mean, I think it’s a public trust. I see the newspapers as a public trust. So — but, you know, (inaudible) has done his

thing and “Washington Post” done fantastically. Obviously, I’m trying to do it. But there aren’t many people that can afford that. It’s a losing

business. And we have to truly face the reason why that is so.

And why that is so, is because the platforms are being used through fair use and not fairly using fair use to take a work of hard reporting, and use

it freely. And then take all the advertising dollars. And how can a business therefore survive in that kind of environment? So, that’s just the

reality of life and we have to figure out a way.

So, you know, if Congress understands that newspapers is basically democracy, I have to find a way to help survive these newspapers. It can’t

be left to individuals like myself to take on the entire “Chicago Tribune” and “Florida Sentinel,” and all of the Pennsylvania, as well as “L.A.

Times” and “San Diego Tribune.” So, this is really where it really needs a national attention.

ISAACSON: Dr. Soon-Shiong, thank you so much for joining us.

SOON-SHIONG: You’re welcome. Thank you for having me.

(END VIDEO CLIP)

GOLODRYGA: As we mentioned, President Joe Biden is set to arrive in the U.K. today. His press pool, however, had a bit of a delay with a flight.

They were all set to go Tuesday night but a swarm of cicadas had other ideas. Their invasion of the plane’s exterior was so extensive that the

airline had to call in another bug-free plane. That flight eventually took off this morning, more than six and a half hours behind schedule.

Delta Airline says the cicadas caused an auxiliary power unit to fail, and even the commander in chief wasn’t immune from a cicada attack. Take a

listen.

(BEGIN VIDEO CLIP)

BIDEN: Watch out for the cicadas. I just got one, it got me.

(END VIDEO CLIP)

GOLODRYGA: Right there on his neck.

Well, finally, one woman’s incredible journey across Europe. Ursula Martin just completed a mammoth 5,000-mile or 8,000-kilometer walk from Ukraine to

Wales.

Amazing. It took her three years, eight pairs of boots, and even waiting out a six-month lockdown. That’s perseverance for you. But none of that

deterred her. She took up rambling to raise awareness of ovarian cancer after being diagnosed in 2011. This latest adventure has raised more than

$15,000 for charity, starting with a hitchhike to Kiev through the depths of Romani’s winter and across the Pyrenees to warmer days in province. We

hope she’s got her feet up for a well-earned rest. Bravo to you.

Well, that is it for now. You could always catch out online, on our podcast and across social media. Thank you for watching “Amanpour and Company” on PBS and join us again tomorrow night.