US President Joe Biden on Monday called on US companies to ensure their digital doors are tightly locked due to “advanced intelligence” and said Russia was considering launching cyber attacks on key infrastructure targets as the war in Ukraine continues.
Addressing corporate CEOs at their quarterly meeting, Biden told business leaders that they have a “patriotic obligation” to tighten their system against such attacks. He said that with federal assistance available, the decision is theirs alone if they want it.
Biden said the administration has “issued a new warning that, based on its advanced intelligence, Russia may be planning a cyber attack against us. … The level of Russian cyber power is fairly effective, and it is coming.”
The president said the federal government was “doing its part” to prepare for the attack and warned private-sector CEOs that it was in their national interest to do the same.
Biden told members of the Business Roundtable that it is a patriotic obligation for you to invest as much as possible in technology to repel cyber attacks. “We are ready to help you, as I said, with whatever tools and skills we have, if you will. But it is up to you to decide what steps you will take and not what to do. “
Biden’s top cyber security aide, Ann Newberger, expressed frustration at a White House press briefing early Monday that some critical infrastructure companies had ignored warnings from federal agencies to address known issues with software that could be exploited by Russian hackers.
“Despite these repeated warnings, we are seeing compromising systems with adversaries that use known vulnerabilities for which there are patches,” said Newberger, the vice president of national security adviser on cyber and emerging technologies. “This makes it much easier for attackers than it needs to be.”
The federal government has been warning U.S. companies about the threat posed by Russian state hackers long before the country invaded Ukraine last month. The Cybersecurity and Infrastructure Security Agency has launched a “Shields Up” campaign aimed at helping companies strengthen their defenses and urging companies to back up their data, introduce multifactor authentication and take other steps to improve cyber hygiene.
Newberger said it makes no sense to suggest a specific Russian cyber attack against US targets, but added that there has been an increase in “preparatory activity” such as scanning websites and hunting for vulnerabilities, which are common among country-state hackers.
In a written statement issued Monday, Biden said Russia could launch a cyber-attack against US targets in retaliation for the “unprecedented economic costs we have imposed” on Russia through sanctions.
“It’s part of the Russian playbook,” Biden said.
The United States and its allies have imposed a number of sanctions aimed at crippling the Russian economy, and Biden recently announced that the United States was sending more anti-aircraft guns, anti-aircraft weapons and drones to help Ukraine.
John Haltquist, vice president of intelligence analysis at the cybersecurity firm Mandiant, says cyber-attacks give Russia the power to punch back.
“Cyber attacks are a way for them to make the right cost without crossing a big red line,” he said.
Russia is considered a hacking powerhouse but since its invasion of Ukraine its aggressive cyber attacks have been muted in comparison to what some have feared. Russia has carried out significant cyber attacks against Ukraine in recent years, including the devastating NotPetya attack in 2017, which spread far and wide and caused ক্ষ 10 billion (approximately Rs 76,400 crore) in global losses.
Newberger says Russia’s cyber-attacks against Ukraine are ongoing, although he did not provide specific details. He said the Biden administration had made it clear that if Russia was involved with the United States in cyberspace, it would have consequences.
“We are not seeking a conflict with Russia. If Russia launches a cyber attack against the United States, we will respond, “he said.
The Russian embassy did not immediately respond to a request for comment.