That's a very good question because, in part, this is sort of the dog that didn't bark. We assumed that we were going to see a lot more and a lot more sophistication than we did.
The challenge with Russia is this. The SolarWinds attacks showed that Russia, China and a handful of other actors have extremely sophisticated capabilities to be able to build targeted exploits, compared with the 98% or 99% of attacks that are reasonably medium level and that you can defend against them with reasonable capabilities. We just saw such a targeted exploit in Ukraine with regard to a U.S. satellite provider. It took out some key critical infrastructure in Ukraine just in the last week. It was not directed at critical infrastructure on U.S. soil. The exploit that was used can be generically deployed against all sorts of hosts of critical infrastructure, so what was deployed and how it was deployed was a considerable concern.
The long and short of it is that these actors have the patience, skill sets and the resources to build very deliberate and targeted exploits. These are not targets of opportunity, but are quite intentional, which is what we saw in the SolarWinds attack. This is why our critical infrastructure is disproportionately vulnerable to these types of state-based capabilities—or in the case of Russia, state-tolerated capabilities—which are extremely sophisticated.
That's where we need a more sophisticated collaboration between signals intelligence and the private sector because only signals intelligence has the domain awareness of these types of capabilities. It requires, in many cases, some offensive capabilities in order to disable the exploits that are being deployed against us. It also requires a more aggressive law enforcement stance, as we've seen by both British and U.S. authorities, which have gotten warrants to effectively make changes to coding and software in critical infrastructure if companies don't act expeditiously enough.