(Bloomberg) — President Joe Biden warned that Russia is weighing a cyberattack against the U.S., as its military struggles in Ukraine, and urged private businesses to enhance their defenses.
Biden said in a Monday statement that Russia “could conduct malicious cyber activity against the United States, including as a response to the unprecedented economic costs we’ve imposed” in response to the Ukraine invasion.
The administration has “evolving intelligence that the Russian government is exploring options for potential cyberattacks,” he added, and said the U.S. private sector should “harden your cyber defense immediately.”
“Most of America’s critical infrastructure is owned and operated by the private sector and critical infrastructure owners and operators must accelerate efforts to lock their digital doors,” he said.
Russia’s ground war against Ukraine hasn’t gone as the Kremlin expected, with Kiev’s forces mounting a stout defense and retaining control of key cities after three weeks of fighting, including the capital. The Kremlin’s cyberattacks have similarly struggled to successfully target Ukrainian infrastructure since the outset of the war, according to government officials.
Even before the invasion, the Biden administration has sought to raise U.S. defenses against Russian cyberattacks. Biden warned Russian President Vladimir Putin at a face-to-face meeting last year against attacking U.S. critical infrastructure, listing 16 sectors including energy, communications satellites and health care.
Before the Ukraine invasion, hackers destroyed data on the network of Ukraine’s Ministry of Internal Affairs and siphoned off large amounts of data from the country’s telecommunications network, Bloomberg News reported. Cyberwar has occasionally benefited Kyiv as well; shortly after the invasion, hackers in Belarus allegedly breached computers controlling that country’s trains in order to try to disrupt Russian troop movements.
Anne Neuberger, the deputy national security adviser for cyber and emerging technology, said in a briefing that “there is no certainty” of an attack on the U.S. but that Biden’s statement was a “call to action.”
“There are cyberattacks that occur every day,” she said, adding that Biden’s warning was intended to focus attention on “critical infrastructure.” She declined to specify which sectors might be threatened, saying they all needed to “lock their digital doors.”
U.K., French and Ukrainian intelligence officials are investigating an apparent cyberattack against ViaSat Inc., according to Reuters, though it’s unknown whether the Russians were responsible. Neuberger said the U.S. is also examining the ViaSat attack but hasn’t yet attributed it to any specific perpetrator.
Federal agencies briefed more than 100 companies on the elevated threat of cyberattacks last week, she said. Many of the steps the private sector can take are relatively simple, such as requiring two-factor authorization to access systems and patching their software, she said.
“We continue to see adversaries compromising systems that use known vulnerabilities for which there are patches. This is deeply troubling,” she said. “So we’re urging today companies to take the steps within your control — to act immediately to protect the services millions of Americans rely on.”
Russia has previously successfully targeted the U.S. aviation sector and local government networks, extracting data from multiple victims as recently as September 2020, according to the U.S. Cybersecurity and Infrastructure Security Agency. Russia also conducted what CISA called a “multi-stage intrusion campaign in which they gained remote access to U.S. and international energy sector networks” as part of a seven-year campaign, adding that the country’s hackers had deployed malware onto industrial control systems.
James Lewis, director of the strategic technologies program at the Center for Strategic and International Studies, said Russia was unlikely to “do something big” in order to avoid U.S. retaliation, but that frustration with its slow military progress against Kyiv might prompt the Kremlin to turn to a smaller cyberattack or ransomware attack.
“This is a wake-up call to people,” he said. “The Russians have explored U.S. critical infrastructure before in very extensive ways.”
(Updates with additional background beginning in sixth paragraph)
More stories like this are available on bloomberg.com
©2022 Bloomberg L.P.
