Biden warns the private sector to ‘immediately’ harden their cyber defenses against possible Russian attacks.

President Biden warned on Monday that Russia is exploring the possibility of waging potential cyberattacks against the United States in retaliation for economic penalties imposed on Moscow for the invasion of Ukraine.

In a statement issued days before he is set to travel to Brussels for a NATO summit, Mr. Biden encouraged private sector companies in the United States to strengthen their cybersecurity against a potential breach by Russia.

“It’s part of Russia’s playbook,” Mr. Biden said in the statement. “Today, my administration is reiterating those warnings based on evolving intelligence that the Russian Government is exploring options for potential cyberattacks.”

The administration has no evidence of a specific, credible potential cyber attack against the United States, but rather “preparatory activity” targeting critical infrastructure, according to Anne Neuberger, Mr. Biden’s deputy national security adviser for cyber and emerging technology.

It is not the first time the United States has warned that Russia could hack U.S. companies as the war rages in Ukraine. Ms. Neuberger said Monday’s warning was an attempt by the Biden administration to raise awareness of Russia’s ability to conduct a digital assault against American infrastructure.

Ms. Neuberger said the administration recently observed “preparatory activity” for potential hacking of American infrastructure, and had shared that information with companies in a classified briefing last week. Such activity can include scanning websites for vulnerabilities. Ms. Neuberger made clear there was still an active threat of Russian hacking against critical infrastructure, including oil and energy companies, and hospital systems.

“There’s so much more we need to do to have the confidence that we’ve locked our digital doors, particularly for the critical services Americans rely on,” Ms. Neuberger said, noting that most American critical infrastructure is managed by the private sector. “Those owners and operators have the ability and responsibility to harden the systems and networks we all rely on.”

The White House last week briefed more than 100 companies in the United States on the best ways to defend against a cyberattack. The administration on Monday directed companies to “harden your cyber defenses immediately,” recommending measures such as enabling multifactor authentication, ensuring offline backups of data and educating employees on hacking methods.

“You have the power, the capacity, and the responsibility to strengthen the cybersecurity and resilience of the critical services and technologies on which Americans rely,” Mr. Biden said in the statement.

Ms. Neuberger noted that Russia is still conducting cyber activity against Ukraine. Ukraine’s minister of digital transformation, Mykhailo Fedorov, said in mid-February that a cyberattack that month against the websites of Ukraine’s defense ministry and army, as well as the interfaces of the country’s two largest banks, “bore traces of foreign intelligence services.”

Back to top button