WASHINGTON — President Joe Biden and national security officials warned that Russia may be ramping toward cyberattacks on U.S. critical infrastructure as the war in Ukraine continues.
“Today, my administration is issuing new warnings that, based on evolving intelligence, Russia may be planning a cyberattack against us,” Biden said March 21 at a Business Roundtable quarterly meeting. “As I said, the magnitude of Russia’s cyber capacity is fairly consequential, and it’s coming.”
U.S. Deputy National Security Adviser for Cyber and Emerging Technology Anne Neuberger said there was “no evidence of any specific cyberattack that we’re anticipating for” during a White House briefing the same day. Rather, she said, there is “some preparatory activity that we’re seeing,” which needed preempting.
Signs of potential malign activity spurred ongoing advisories as well as classified talks with companies last week.
“Bottom line, this is about us, the work we need to do to lock our digital doors and to put the country in the best defensive position,” Neuberger said. “As the president has said, the United States is not seeking confrontation with Russia. But he has also said that if Russia conducts destructive cyberattacks against critical infrastructure, we will be prepared to respond.”
The private sector owns and operates much of the critical infrastructure in the U.S.
The vital systems have been hit before: In 2021, ransomware incidents battered 14 of 16 U.S. critical sectors, including the defense industrial base, according to the federal government. The Colonial Pipeline was attacked, for example, as was meat supplier JBS.
“Let me be absolutely clear about something. It’s not just your interests that are at stake with their potential use of cybersecurity,” Biden told CEOs at the roundtable meeting. “It is the national interest at stake.”
Members of Congress, industry executives and analysts alike have said Russia poses a serious cyber threat to those it targets. Moscow uses the domain to project its force and meddle in foreign goings-on, according to the U.S. Cybersecurity and Infrastructure Security Agency.
“We do continue to see Russia conducting both, as you know, significant malicious activity in Ukraine, major kinetic attacks, which have disrupted and killed lives, as well as cyber activity,” Neuberger said.
Ukrainian systems have suffered more than 3,000 distributed denial-of-service attacks, jumbling communications and hampering operations, according to its government. The State Service of Special Communication and Information Protection of Ukraine on March 16 said the number of digital attacks perpetrated against the country’s “vital infrastructure hasn’t decreased since the beginning of the war.”
Russia has denied responsibility.
CISA earlier this year issued a “Shields Up” notice, cautioning organizations to prepare for disruptions or attempted intrusions. The Department of Homeland Security agency suggested Russia’s renewed invasion of Ukraine could bleed west, specifically on the cyber front.
“One of the tools he’s most likely to use, in our view, is cyber, cyberattacks,” Biden said of Russian President Vladimir Putin. “They have a very sophisticated cyber capability.”
Colin Demarest is a reporter at C4ISRNET, where he covers networks and IT. Colin previously covered the Department of Energy and its National Nuclear Security Administration — namely nuclear weapons development and Cold War cleanup — for a daily newspaper in South Carolina.