The Biden administration on Monday warned that it believes Russian state hackers may step up a cyber offensive that targets US organizations, particularly organizations in the private sector providing critical infrastructure.
Administration officials stressed that they have yet to unearth any evidence of specific cyberattack plans. But in recent weeks, officials have said Kremlin-sponsored strikes on US-based computers and networks was a distinct possibility that security defenders should prepare for. As the US and its allies have ratcheted up sanctions on Russia and the US receives new intelligence assessments, the White House is once again urging vigilance.
Part of Russia’s playbook
“Today, we are reiterating those warnings, and we’re doing so based on evolving threat intelligence, that the Russian government is exploring options for potential cyber attacks on critical infrastructure in the United States,” Anne Neuberger, the White House’s deputy national security advisor for cyber and emerging technology, said during a daily press briefing on Monday.
In a statement, President Joe Biden said: “This is a critical moment to accelerate our work to improve domestic cybersecurity and bolster our national resilience. I have previously warned about the potential that Russia could conduct malicious cyber activity against the United States, including as a response to the unprecedented economic costs we’ve imposed on Russia alongside our allies and partners. It’s part of Russia’s playbook.”
Both Biden and Neuberger appealed to private sector organizations to shore up their defenses by installing security patches and taking other proactive measures. “Most of America’s critical infrastructure is owned and operated by the private sector, and critical infrastructure owners and operators must accelerate efforts to lock their digital doors,” Biden added.
Neuberger told reporters that Monday’s warning “speaks to evolving threat intelligence and a potential shift in intention,” as Russia potentially considers conducting cyber attacks in response to sanctions. US officials are also seeing potential preparations from Kremlin-backed hackers such as scanning targets’ networks for security vulnerabilities. She said the White House has privately briefed hundreds of companies about the threat.
“There’s still much more that we need to do to have the confidence that we’ve locked our digital doors, particularly for the critical services that Americans rely on,” said Neuberger. “The most troubling piece is we continue to see known vulnerabilities for which we have patches available used by sophisticated cyber actors to compromise American companies—to compromise companies around the world.”
The Cybersecurity and Infrastructure Security Agency has created a webpage that provides guidance on the kinds of things potential targets can do to better protect themselves.