‘It happens’: President Biden warns of ‘evolving’ Russian cyber threat to US

President Biden warned Monday that “evolving intelligence” suggests Russia explores options for potential cyberattacks targeting US critical infrastructure.

“The scale of Russia’s cyber capability is quite substantial,” Biden said, speaking to the Business Roundtable, an association of some of the country’s biggest companies. “And it’s coming.”

Although there is no evidence of a specific cyberattack threat, Anne Neuberger, Mr. Biden’s deputy national security adviser for cyber and emerging technologies, told reporters Monday afternoon that officials Americans had observed “preparatory work” related to nation-state actors. Such activity could indicate increased levels of website scanning and vulnerability scanning among US companies.

Other US intelligence details remain unclear, but as Moscow may be looking for ways to retaliate against economic sanctions imposed following their invasion of Ukrainepotential targets include the US financial sector, power grid, water treatment plants and hospitals.

President Joe Biden speaks at the Business Roundtable’s quarterly CEO meeting, Monday, March 21, 2022, in Washington.

Patrick Semansky/AP

“Russia is likely looking to respond aggressively in a way that won’t lead to war with the United States, and cyberattacks are a way for them to exact costs without crossing a major red line,” he said. John Hultquist, vice president of intelligence analysis for cybersecurity firm Mandiant, told CBS News. “Cyberattacks are often reversible and non-lethal, but their economic and psychological costs could be significant.”

Neuberger called it “deeply disturbing” that companies around the world continue to see flaws due to known vulnerabilities that they have not patched.

The White House push comes just days before the president is due to travel to Brussels for a NATO summit on Thursday before heading to Poland and amid efforts by the US government to declassify intelligence on plans for the Russia in Ukraine. The United States has previously released its findings to deter the Kremlin and other adversaries from following through with its plans and to undermine attempts at plausible deniability.

White House officials last week gave classified information to more than 100 companies, urging at-risk private sector partners to bolster cybersecurity defenses against potential intrusions by Russian-linked actors.

“Most of America’s critical infrastructure is privately owned and operated, and critical infrastructure owners and operators must accelerate their efforts to lock down their digital doors,” the White House statement said Monday. “The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) is actively working with organizations within critical infrastructure to quickly share information and mitigation advice to protect their systems and networks. “

On Monday, Homeland Security Secretary Alejandro Mayorkas encouraged organizations “of all sizes and from all industries” to report cyber incidents to CISA or their local FBI office. “DHS will continue to share timely and actionable information and intelligence to ensure our partners and the public have the tools they need to keep our communities safe and increase cybersecurity preparedness nationwide,” Mayorkas added.

For months, the Biden administration has pushed companies to prevent cyber intrusions with a host of tactics: multi-factor authentication, patching known vulnerabilities, running drills and contingency plans, and encrypting and backing up data. data.

Director of CISA, Jen Easterly told CBS News on Friday that US officials have not let their guard down. “What we are urgently focused on right now is working closely with our private sector partners with our state and local partners with our federal partners to ensure that there is a solid understanding of the cyber threat environment and potential consequences of Russian malicious attacks cyber activity.”

“It’s getting harder and harder to stop bad things from happening,” Easterly added. “And so we have to work together and assume bad things will happen, assume there will be cyberattacks, assume there will be disruptive activity.”

Easterly, the director of the national cyber defense agency, said she is increasingly concerned about “vigilance fatigue” as US companies rush to secure their networks. “It is difficult to maintain a very high rate of extreme preparedness, but we are not even a month into this unjust, illegal and unprovoked invasion of a democracy and we must continue to keep our shields up. We are deploying more more information so that people understand the nature of the threat environment.”

Since November, the Department of Homeland Security has overseen more than 80 briefings, tabletop exercises, and briefings with the private sector aimed at bolstering U.S. cyber defenses in the event of malicious Russian cyber activity.

Lawmakers raised their concerns directly with the DHS secretary. Last week, 22 US senators, led by Democratic Sen. Jacky Rosen of Nevada and Republican Sen. Mike Rounds of South Dakota, signed a bipartisan letter asking for more information about the US response to Russian cyber threats and disinformation. CISA pledged in a response letter Monday to brief lawmakers in the coming days.

CISA and the FBI issued several joint e-bulletins last week, including an advisory detailing the threat to satellite communications networks just days after reports of a hack by unidentified actors directed at the Viasat telecommunications. Reuters first reported on the disruption of high-speed satellite internet access at the start of the Russian invasion.

Since February 15, the Ukrainian government said it had suffered more than 3,000 DDoS attacks, or “distributed denial of service attacks”, which blocked traffic from government websites until they stopped.

But a cyberattack on a NATO member state could trigger Article 5, its collective defense clause, according to previous statements by NATO Secretary General Jens Stoltenberg. The hypothetical trigger has heightened concerns that the Russian invasion of Ukraine could spread to the United States and other territories.

“An attack on critical infrastructure that could be linked to the Russian government would absolutely be grounds for escalation, depending on the impact of this incident,” Alex Iftimie, a former national security official at the Justice Department, told CBS News. “This could have significant consequences down the road in terms of potential direct US involvement in this conflict.”

“I think the president was very clear,” Neuberger told reporters before leaving the briefing room. “We are not looking for a conflict with Russia. But if Russia launches a cyberattack against the United States, we will respond.”

Arden Farhi, Major Garrett, Margaret Brennan and Andres Triay contributed to this report.

Leave a Reply

Your email address will not be published.