White House warns of potential Russian cyberattack based on new intel
Distressed by the continued lack of cybersecurity basics implemented in critical infrastructure sectors, the White House issued “a call to action.”
The Biden administration flagged a shift in Russia’s cyber posture Monday, stressing the private sector’s responsibility for defending U.S. critical infrastructure against a cyberattack in the wake of the ongoing conflict in Ukraine.
“I have previously warned about the potential that Russia could conduct malicious cyber activity against the United States, including as a response to the unprecedented economic costs we’ve imposed on Russia alongside our allies and partners,” reads a statement by the president the White House issued Monday. “My administration is reiterating those warnings based on evolving intelligence that the Russian Government is exploring options for potential cyberattacks.”
During the daily White House press briefing, Deputy National Security Advisor for Cyber and Emerging Tech Anne Neuberger said that intelligence was shared in a classified briefing with entities officials believe might be specifically targeted.
Neuberger declined to note any specific sectors or companies that were briefed and said while there is still no evidence to suggest a specific cyberattack is forthcoming, officials have observed “preparatory activity” on the part of the Russians.
“Preparatory activity could mean scanning websites, it could be hunting for vulnerabilities,” Neuberger said. “There's a range of activity that malicious cyber actors use, whether their nation state or criminals. The most troubling piece, and really what I mentioned a moment ago, is we continue to see known vulnerabilities, for which we have patches available, used by even sophisticated cyber actors to compromise American companies—to compromise companies around the world.”
Neuberger said critical infrastructure companies’ failure to implement practices listed in a fact sheet the White House released Monday continues despite an unprecedented array of warnings and edicts the administration has issued since taking office, amid a series of massive hacks, including one—the SolarWinds campaign—that officials attributed to Russia’s Foreign Intelligence unit.
“The administration has worked extensively over the last year to prepare to meet this sort of threat, providing unprecedented warning and advice to the private sector and mandating cybersecurity measures where we have the authority to do so,” Neuberger said. “The majority of our critical infrastructure, as you know, is owned and operated by the private sector. And those owners and operators have the ability and responsibility to harden the systems and networks we all rely on. Notwithstanding these repeated warnings, we continue to see adversaries compromising systems that use known vulnerabilities for which there are patches. This is deeply troubling.”
On Thursday, the FBI and the Cybersecurity and Infrastructure Security Agency said they are aware of a Russian threat to providers and customers of the nation’s satellite networks.
Neuberger reiterated the administration’s assertion that it would be prepared to respond if Russia targets U.S. critical infrastructure in a cyberattack. She said the administration has still made no attribution of an attack on the U.S. satellite firm Viasat which disrupted connectivity in Ukraine.