White House warns Russia prepping possible cyberattacks against US
The White House on Monday urged private companies to bolster their cyber defenses, citing evolving intelligence suggesting the Russian government is exploring “options for potential cyberattacks” targeting U.S. critical infrastructure.
“To be clear, there is no certainty there will be a cyber incident on critical infrastructure,” White House deputy national security adviser for cyber and emerging technology Anne Neuberger told reporters during a briefing on Monday afternoon.
“So why am I here? Because this is a call to action and a call to responsibility for all of us,” she said.
The administration has warned in recent weeks that Russia could look to target infrastructure in the U.S. or elsewhere with cyberattacks, but officials previously said there were no specific or credible threats against the U.S.
Neuberger said Monday that officials have seen some “preparatory activity” and that the administration briefed companies and sectors who could be affected in a classified setting last week.
“There is no evidence of any specific cyberattack that we are anticipating,” she said. “There is some preparatory activity that we’re seeing and that is what we shared in a classified context with companies who we thought might be affected.”
She said the preparatory activity could include scanning websites or looking for vulnerabilities, but wouldn’t provide specific details.
Later, Neuberger said that the U.S. government had detected a “potential shift in intention” on the part of Russia.
The White House distributed a fact sheet urging companies to mandate the use of multi-factor authentication; patch their systems; run emergency drills to prepare response plans; deploy security tools to look for threats; back up data; encrypt data; and take other steps to secure information and bolster security to protect against cyber threats.
“I have previously warned about the potential that Russia could conduct malicious cyber activity against the United States, including as a response to the unprecedented economic costs we’ve imposed on Russia alongside our allies and partners,” President Biden said in a statement. “It’s part of Russia’s playbook. Today, my Administration is reiterating those warnings based on evolving intelligence that the Russian Government is exploring options for potential cyberattacks.
Biden later reiterated the warning to a group at a Business Roundtable event in Washington Monday evening.
“The magnitude of Russia’s cyber capacity is fairly consequential, and it’s coming,” he said.
The Biden administration last month attributed cyberattacks targeting Ukraine’s Ministry of Defense and banks to Russia. Those attacks occurred before Russia’s invasion of Ukraine began on Feb. 24.
Russian state-sponsored actors have previously targeted the U.S. with cyberattacks, perhaps most notably in connection with the 2016 election interference operation and the massive SolarWinds hack.
Russian cybercriminals were also implicated in the attack on Colonial Pipeline.
The Biden administration has over the past year worked to improve the cybersecurity of critical infrastructure, which is largely owned and operated by the private sector.
Neuberger would not say Monday which specific critical infrastructure sectors could be targeted. Critical infrastructure encompasses a range of sectors, including water, energy, health care, and financial services.
She made clear the Biden administration would respond to a cyberattack by Russia.
“As the president has said, the United States is not seeking confrontation with Russia, but he has also said if Russia conducts disruptive cyberattacks against critical infrastructure, we will be prepared to respond,” Neuberger said.
Biden in his own statement said his administration “will continue to use every tool to deter, disrupt, and if necessary, respond to cyberattacks against critical infrastructure.”
Updated at 6:47 p.m.