Speaking at the quarterly Business Roundtable meeting in Washington, Biden said Russian President Vladimir Putin would likely use cyberattacks as a form of retaliation against the United States for its actions to counter the incursion of Russia in Ukraine.
Biden said, “The scale of Russia’s cyber capability is quite substantial and it’s coming.”
He added that “one of (Putin’s) most likely tools to use, in my opinion – in our opinion – is cyberattacks. They have a very sophisticated cyber capability”, and then argued: “The fact is he has the ability. He hasn’t used it yet, but it’s part of his playbook.”
The president told business leaders the national interest is at stake, suggesting it’s “a patriotic obligation that you invest as much as you can to ensure – and we will help you in any way – that you have strengthened your technological capacity to deal with cyberattacks.”
While the Biden administration has been warning the nation about the prospect of Russian cyberattacks for months, most recently in response to economic restrictions imposed on Russia during its invasion of Ukraine, the president’s statement suggests that “the evolution of intelligence” has increased the threat.
Details of what exactly that intelligence is remain unclear, but Deputy National Security Adviser Anne Neuberger said during Monday’s White House briefing that Russia had been conducting “preparatory activity” for cyberattacks, which , she says, could include scanning websites and finding software vulnerabilities.
Neuberger said the administration was reiterating its warnings “based on evolving threat intelligence that the Russian government is exploring options for potential cyberattacks on critical infrastructure in the United States,” but also pointed out that ‘”there is no certainty that there will be a cyber incident on critical infrastructure.”
Last week, the administration “held classified briefings with companies and sectors that we believe would be most effective and provided very practical and focused advice,” Neuberger told CNN’s Phil Mattingly during the briefing. of Monday.
Biden said in his statement that the administration would “continue to use all tools to deter, disrupt and, if necessary, respond to cyberattacks on critical infrastructure,” but acknowledged that “the federal government cannot defend itself against this threat.
“Most of America’s critical infrastructure is privately owned and operated, and owners and operators of critical infrastructure must accelerate their efforts to lock down their digital doors. The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) is working actively with organizations across infrastructure to quickly share information and mitigation advice to help protect their systems and networks,” the statement read.
The administration recommends several steps to help private sector partners prevent cyberattacks, including using multi-factor authentication, consulting with cybersecurity professionals to ensure systems are protected against all known vulnerabilities, changing passwords on networks to prevent the use of stolen credentials. , backup and encrypt data and train employees in cybersecurity.
Fears Putin could go wild
Biden’s decision to issue the warning reflects concerns within the administration about what Putin might be prepared to do next, as it becomes increasingly clear that his invasion of Ukraine is not going ahead. as expected, according to a US official familiar with internal cybersecurity discussions. .
Biden officials discussed how the state of Russia’s ground campaign could change Putin’s reckoning and how options are being considered in Russia as a result, the official said, noting that the situation – in some ways – is more volatile than ever.
Russia still maintains its cyber capabilities and the administration believes Putin may be more willing to use these tools as he becomes more desperate, the official added. The official did not provide details on the types of potential cyberattack options the US thinks Russia could explore, but there has been an observed increase in activity, according to a source familiar with the situation. .
The official said it was difficult to determine whether this was simply noisy Russian activity intended to send a message to the United States about what it could do or about the actual preparedness of the environment.
“If you’re Russia, disinformation doesn’t seem to work, they’re not going to shoot us, and so what’s left is something in the middle: cyber,” a second official added.
The US Departments of Energy, Treasury and Homeland Security, among others, have informed major electric utilities and banks of Russian hacking capabilities and urged companies to lower their thresholds for reporting activity suspicious. The FBI fears that Russian-speaking ransomware groups are going after American companies.
While the administration has issued warnings about possible Russian hacking activity for months, when the statement comes from the president, “it’s usually because [the threat] took on added importance in the eyes of the government,” said a third US official.
Ukrainian government agencies were hit by a series of cyberattacks before and after the Russian invasion, but not at the level of hacking that some analysts feared.
Cyberattacks nevertheless played a supporting role in the war. As the Russian military began attacking Ukraine on February 24, satellite modems that provide internet service to tens of thousands of customers in Europe, including some in Ukraine, were taken offline in a cyberattack against the American telecommunications provider Viasat.
The US government is investigating the Viasat hack as a potential Russian state-sponsored cyberattack, a US official with knowledge of the matter previously told CNN.
Neuberger on Monday did not identify who was responsible for the hack. She said US officials are continuing to investigate the incident.
In a Sunday night letter to Homeland Security Secretary Alejandro Mayorkas, obtained by CNN, 22 senators, led by Democratic Nevada Sen. Jacky Rosen and Republican South Dakota Sen. Mike Rounds, raised questions about preparedness. from the United States to Russian cyber threats and disinformation.
Additional correspondence obtained by CNN said DHS responded to the senators on Monday, saying the CISA Office of Legislative Affairs would work with the group to prepare a briefing on the matter.
CNN’s Eva McKend contributed to this report.