U.S. Intelligence Finds Evidence of Increased Russian Probes of Cyber Vulnerabilities

U.S. President Joe Biden issued a statement Monday warning of Russian cyberattacks and asking U.S. companies in the critical infrastructure space to redouble their efforts to protect their systems from attacks.

“My administration will continue to use every tool to deter, disrupt, and if necessary, respond to cyberattacks against critical infrastructure,” the statement said. “But the federal government can’t defend against this threat alone. Most of America’s critical infrastructure is owned and operated by the private sector, and critical infrastructure owners and operators must accelerate efforts to lock their digital doors.”

Since day one, @POTUS prioritized strengthening cybersecurity defenses to prepare our nation for any threats. While we continue do everything in our power to defend against and respond to threats, we urge companies to execute security steps. https://t.co/7VCo6x42Pq

— The White House (@WhiteHouse) March 21, 2022

The statement then references the Cybersecurity and Infrastructure Security Agency’s (CISA’s) previous alert on the possibility of increased cyber activity as a result of the sanctions imposed on Russia after it invaded Ukraine. A key thrust of that alert is to report cyberattacks so the U.S. government can respond accordingly and information on the attack can be shared with other companies to limit the potential danger.

The new warning comes on the heels of what the United States said is an increase in “preparatory activity” to explore vulnerabilities in order to launch an attack. The New York Times reported that Anne Neuberger, deputy national security advisor for cyber and emerging technology, said government cyber experts had warned critical infrastructure companies of the activity late last week.

The Times also reported that the warnings included “recommending measures such as enabling multifactor authentication, ensuring offline backups of data, and educating employees on hacking methods.”

“The most troubling piece [is that] we continue to see known vulnerabilities for which we have patches available,” Neuberger was quoted in a Cyberscoop article on the presidential statement. “It makes it far easier for attackers than it needs to be.”

In an analysis piece, CNN White House Reporter Stephen Collinson examined the question of how likely a broad cyberattack on U.S. infrastructure is: “the key question is whether the Russian leader would risk a full-bore cyber conflict with Washington, which, as CNN reported last week, has fearsome capabilities of its own that may outmatch Russia’s arsenal and could quickly deliver devastating hits against Russian critical infrastructure.”

"The key question is whether the Russian leader would risk a full-bore cyber conflict with Washington, which, as CNN reported last week, has fearsome capabilities of its own that may outmatch Russia's arsenal" | Analysis by Stephen Collinson https://t.co/2RmIMCLoX2

— CNN (@CNN) March 22, 2022

Collinson cited other experts who noted that while there have been some attacks on Ukrainian banks and government agencies, no major, widespread cyber attacks have been launched at either Ukraine, the United States, or Western European countries. He said the consensus is that Russia has the capability to launch some devastating cyberattacks, but understands that Russia is also highly vulnerable to retaliatory cyber strikes.

The analysis pointed to U.S. intelligence successes in the Ukraine conflict and posited that the presidential announcement was to let Russian President Vladimir Putin know that the Unites States has noticed cyber activity and to assure Putin that any activity would be subject to retaliation.