White House warns of ‘evolving intelligence’ suggesting Russia could conduct cyber attacks against the United States
Mar 21, 2022, 2:24 PM | Updated: Jun 8, 2022, 3:17 pm
(Photo by Al Drago-Pool/Getty Images)
(CNN) — President Joe Biden on Monday urged private sector partners to strengthen their cyber defenses immediately, pointing to “evolving intelligence” that suggests Russia could conduct malicious cyber activity against American companies and critical infrastructure.
While the Biden administration has been warning the nation of the prospect of cyber attacks by Russia for months, most recently as a response to the economic restrictions imposed on Russia over its invasion of Ukraine, the President’s statement suggests “evolving intelligence” has heightened the threat.
The details of exactly what that intelligence is remain unclear, but deputy national security adviser Anne Neuberger said during Monday’s White House briefing that Russia had been conducting “preparatory activity” for cyber attacks, which she said could include scanning websites and hunting for software vulnerabilities.
Neuberger said the administration is reiterating its warnings “based on evolving threat intelligence that the Russian government is exploring options for potential cyber attacks on critical infrastructure in the United States,” but also underscored that “there is no certainty there will be a cyber incident on critical infrastructure.”
The administration last week “hosted classified briefings with companies and sectors we felt would be most effective and provided very practical, focused advice,” Neuberger told CNN’s Phil Mattingly during Monday’s briefing.
Biden said in his statement that the administration would “continue to use every tool to deter, disrupt, and if necessary, respond to cyber attacks against critical infrastructure,” but acknowledged that “the federal government can’t defend against this threat alone.”
“Most of America’s critical infrastructure is owned and operated by the private sector and critical infrastructure owners and operators must accelerate efforts to lock their digital doors. The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) has been actively working with organizations across critical infrastructure to rapidly share information and mitigation guidance to help protect their systems and networks,” the statement said.
The administration is recommending several steps to help private sector partners prevent against cyber attacks, including using multi-factor authentication, consulting with cyber security professionals to make sure systems are protected against all known vulnerabilities, changing passwords across networks to prevent stolen credentials from being used, backing up and encrypting data and educating employees on cyber security.
US officials have been warning the private sector for months about the possibility of Russian retaliatory hacking over sanctions against the Kremlin.
The US departments of Energy, Treasury and Homeland Security, among others, have briefed big electric utilities and banks on Russian hacking capabilities, and urged businesses to lower their thresholds for reporting suspicious activity. The FBI has been wary that Russian speaking ransomware groups could lash out at US businesses.
Ukrainian government agencies have been hit by a series of cyber attacks before and after the Russian invasion but not the level of hacking that some analysts feared.
Cyber attacks have nonetheless played a supporting role in the war. As the Russian military began attacking Ukraine on February 24, satellite modems that provide internet service for tens of thousands of customers in Europe, including some in Ukraine, were taken offline in a cyber attack on US telecommunications provider Viasat.
The US government is investigating the hack of Viasat as a potential Russian state-sponsored cyber attack, a US official familiar with the matter previously told CNN.
Neuberger on Monday did not identify who was responsible for the hack. She said US officials continue to investigate the incident.
Earlier in March, a bipartisan group of senators also shared their concerns with the Biden administration about the potential of widespread Russian cyberattacks in the US as retribution for harsh sanctions against Russia in the wake of President Vladimir Putin’s unprovoked invasion of Ukraine.
In a letter to Homeland Security Secretary Alejandro Mayorkas Sunday evening obtained by CNN, 22 senators, led by Nevada Democratic Sen. Jacky Rosen and South Dakota Republican Sen. Mike Rounds, raised questions about America’s readiness for Russian cyber and disinformation threats.
Additional correspondence obtained by CNN indicated that DHS responded to the senators on Monday, saying that the CISA’s Office of Legislative Affairs will work with the group to prepare a briefing on the matter.