President Joe Biden on Monday warned of Russian cyberattacks against the U.S. — making his most prominent alert yet about what he called new intelligence concerning the Putin regime’s plans.
“The more Putin’s back is against the wall, the greater the severity of the tactics he may employ … one of the tools he’s most likely to use in my view, in our view, is cyberattacks,” Biden said on Monday.
“The magnitude of Russia’s cyber capacity is fairly consequential and it’s coming,” he continued.
Biden had earlier issued a statement saying that the administration is reiterating earlier warnings, “based on evolving intelligence that the Russian Government is exploring options for potential cyberattacks.”
Past U.S. intelligence warnings about the timing and manner of Russia’s invasion of Ukraine were largely accurate. Biden urged companies to “harden your cyber defenses immediately.”
Biden’s remarks and statement came with new urgency.
Anne Neuberger, the deputy national security adviser for cyber and emerging technology, warned that the Russian government was eyeing U.S. critical infrastructure but did not cite any specific plans for attacks. She described Biden’s warning on Monday as “a call to action and a call to responsibility” to guard against attacks.
“Today we are reiterating these warnings, and we are doing so based on evolving threat intelligence that the Russian government is exploring options for potential cyberattacks on critical infrastructure in the United States,” Neuberger told reporters at the White House.
Neuberger cautioned that, “To be clear, there is no intelligence that there will be a cyberattack on critical infrastructure.”
However, Tom Kellermann, the head of cybersecurity strategy at VMware, said Monday that “there is a clear and present danger” to the U.S. given efforts by Russian-linked cyber threat groups in recent months. “Destructive cyber attacks are imminent,” he said.
James Lewis, director of the Strategic Technologies Program at the Center for Strategic and International Studies, pointed to mounting frustration in the Kremlin at the lack of progress in Ukraine as spurring on potential cyberattacks. “Putin is apparently getting frustrated,” Lewis said, speculating that now that a quick victory is out, Russia is considering cyber attacks as a possible next step, “but something short of a massive attack on critical infrastructure.” Brian Harrell, a former assistant secretary for infrastructure protection at DHS, said “the most logical enemy avenue approach is through vulnerable 3rd parties and the critical supply chain.”
Neuberger noted that federal agencies convened over 100 U.S. companies to share information on the new intelligence around potential Russian cyberattacks. She said the government gave companies tools to strengthen cybersecurity and security advisories on what the government is seeing.
“There is no evidence of any specific cyberattack that we’re anticipating,” Neuberger said. “There is some preparatory activity that we’re seeing, and that is what we shared in a classified context with companies that we thought might be affected.”
“You’ve seen the administration continuously lean forward and share even fragmentary pieces of information that we have to ensure maximum preparedness by the private sector,” she said. “So as soon as we learned about that, last week we hosted classified briefings with companies and sectors we felt would be most affected and provided very practical, focused advice.”
An industry source familiar with the briefings said the Energy Department held a classified briefing last Wednesday with half a dozen industry leaders who have top-secret security clearances and four members of the federal government to discuss possible Russian cyber threats.
The source, who was granted anonymity to discuss the classified briefing, noted that DOE’s meeting was different from the one Neuberger mentioned in her remarks Monday, which the FBI hosted on Thursday with more than 100 companies across its field offices.
The source who attended DOE’s briefing did not share specifics about any new information the White House or Energy Department has gathered. Instead, they described the meeting as mostly a reiteration of the Russian cyber threats the energy sector already knows about. A separate industry source also told POLITICO that TSA had its own briefing last week.
The White House released a fact sheet prior to Neuberger’s comments detailing ways that U.S. companies can defend themselves against cyberattacks, including mandating the use of multifactor authentication and encrypting data.
Biden said his administration will “continue to use every tool to deter, disrupt, and if necessary, respond to cyberattacks against critical infrastructure.” He told members of the Business Roundtable, whom he was addressing on Monday evening, that improving cybersecurity was their “patriotic obligation.”
Go To Source