This activity is probably “not a matter of espionage, it is probably very likely disruptive or destructive (cyber) activity,” said Jen Easterly, director of the US Cyber and Security Agency. infrastructure, on a conference call with industry leaders and state and local government staff, three sources said on the call, writes CNN’s Sean Lyngaas.
The advisory is part of a growing chorus of warnings that America’s infrastructure is under threat, writes Lyngass.
“For months, the U.S. Departments of Energy, Treasury, and Homeland Security, among others, have briefed major electric utilities and banks on Russian hacking capabilities and urged companies to lower their thresholds. for reporting suspicious activity.”
Some companies are unprepared
The gist of Biden’s warning on Monday and the FBI’s advice was that the infrastructure behind American society and American life is mostly in private hands and needs to be made more secure from hacks.
Biden told Putin to cut it
“We had a long conversation about, if he uses it, what the consequences would be,” Biden told the business leaders on Monday.
He specifically mentioned the energy, electricity and finance sectors.
What could a large-scale cyberattack look like?
CNN’s Ivana Kottasová wrote about the attack, which Estonia considered an act of cyber warfare, last June. It all started with Estonia’s decision to remove a Soviet-era war memorial from central Tallinn.
Here are some key points from his report:
The attack made Estonia realize that it needed to start treating cyber threats the same as physical attacks.
At that time, the country was already a leader in e-government, having introduced services like online voting and digital signatures. Although no data was stolen in the incident, the websites of banks, media and some government departments were the target of distributed denial of service attacks that lasted 22 days. Some services have been discontinued, while others have been completely removed.
NATO and the international community learned about the attack on Estonia and experts developed a standard to assess cyber warfare accordingly.
When is a cyberattack an act of war?
I called Tess Bridgeman, co-editor of the Just Security website and former Obama White House attorney who is an expert on war powers and international law.
“If a cyberattack causes significant death, destruction or injury, the same type that you would see from a more traditional attack using kinetic means, like bullets or missiles, you know, then you would call that a ‘recourse to force “in the international framework”. law,” she said.
A cyberattack targeting a roadblock or air traffic control towers could reach that level, but the government would try to avoid responding to a cyberattack with a military attack, she said.
Attacks on the United States to date have not reached the threshold to warrant a military response.
As the government seeks countermeasures to respond, Bridgeman said, chances are they won’t be known to the public.
“It may seem that the United States is sitting idly by, but I would highly doubt that is the case,” she said, arguing that defensive actions might be more effective in defusing the impasse. “It sets an example of what responsible state behavior looks like.”
Could weapons be used to respond to a cyberattack?
The threat of a military response is always there for the worst cyberattacks, should they claim American lives.
“Our policy, our stated policy is that if it’s a big enough attack on us and it hurts us, we’ll use the conventional weapons response,” Richard Clarke, who was one of the main advisers to President George W. Bush on cybersecurity. Michael Smerconish shortly after the start of the war in Ukraine.
“So we could very easily end up in a war with Russia if they try to devastate – and it should be devastating – cyberattacks like shutting down the power grid,” Clarke said.
Most of these attacks are meant to be part of espionage campaigns or to be prying rather than lethal. Clarke argued that Russian attacks on American industries could be more devastating than attacks on the government itself. He said the government isn’t quite sure what will happen if Amazon, Google and Microsoft’s cloud systems go offline, for example.
“I can tell you that if these clouds come down, if the United States stops working, if our economy stops working, if the phones stop working, we will find ourselves in the dark ages very soon if The internet is going down,” Clarke said.
What if Russia attacks an American ally?
It is not clear that Russia specifically wants to provoke the United States in such a devastating way, or how the United States would react.
Could a cyberattack trigger Article 5?
A cyberattack could absolutely trigger Article 5. NATO Secretary General Jens Stoltenberg made that clear in February, right after the Russian invasion.
But he added that NATO would be very careful in assessing an attack and would ensure that a cyber attack on Ukraine – cutting off electricity, for example – that accidentally spreads to Poland or Romania does not would not be construed as an attack on those countries.
He also said that it was intentionally unclear what type of cyberattack would reach the level of invoking Article 5.
NATO, he said, would not want to “give a potential adversary the privilege of defining exactly when we will trigger Article 5”.