WASHINGTON — President Joe Biden and national security officials warned that Russia may be ramping toward cyberattacks on U.S. critical infrastructure as the war in Ukraine continues.

“Today, my administration is issuing new warnings that, based on evolving intelligence, Russia may be planning a cyberattack against us,” Biden said March 21 at a Business Roundtable quarterly meeting. “As I said, the magnitude of Russia’s cyber capacity is fairly consequential, and it’s coming.”

U.S. Deputy National Security Adviser for Cyber and Emerging Technology Anne Neuberger said there was “no evidence of any specific cyberattack that we’re anticipating for” during a White House briefing the same day. Rather, she said, there is “some preparatory activity that we’re seeing,” which needed preempting.

Signs of potential malign activity spurred ongoing advisories as well as classified talks with companies last week.

“Bottom line, this is about us, the work we need to do to lock our digital doors and to put the country in the best defensive position,” Neuberger said. “As the president has said, the United States is not seeking confrontation with Russia. But he has also said that if Russia conducts destructive cyberattacks against critical infrastructure, we will be prepared to respond.”

The private sector owns and operates much of the critical infrastructure in the U.S.

The vital systems have been hit before: In 2021, ransomware incidents battered 14 of 16 U.S. critical sectors, including the defense industrial base, according to the federal government. The Colonial Pipeline was attacked, for example, as was meat supplier JBS.

“Let me be absolutely clear about something. It’s not just your interests that are at stake with their potential use of cybersecurity,” Biden told CEOs at the roundtable meeting. “It is the national interest at stake.”

Members of Congress, industry executives and analysts alike have said Russia poses a serious cyber threat to those it targets. Moscow uses the domain to project its force and meddle in foreign goings-on, according to the U.S. Cybersecurity and Infrastructure Security Agency.

“We do continue to see Russia conducting both, as you know, significant malicious activity in Ukraine, major kinetic attacks, which have disrupted and killed lives, as well as cyber activity,” Neuberger said.

Ukrainian systems have suffered more than 3,000 distributed denial-of-service attacks, jumbling communications and hampering operations, according to its government. The State Service of Special Communication and Information Protection of Ukraine on March 16 said the number of digital attacks perpetrated against the country’s “vital infrastructure hasn’t decreased since the beginning of the war.”

Russia has denied responsibility.

CISA earlier this year issued a “Shields Up” notice, cautioning organizations to prepare for disruptions or attempted intrusions. The Department of Homeland Security agency suggested Russia’s renewed invasion of Ukraine could bleed west, specifically on the cyber front.

“One of the tools he’s most likely to use, in our view, is cyber, cyberattacks,” Biden said of Russian President Vladimir Putin. “They have a very sophisticated cyber capability.”

Colin Demarest is a reporter at C4ISRNET, where he covers military networks, cyber and IT. Colin previously covered the Department of Energy and its NNSA — namely Cold War cleanup and nuclear weapons development — for a daily newspaper in South Carolina. Colin is also an award-winning photographer.

More In Management
Federal contract workers deserve better pay, Congress can help
Today, the federal contract workers who are arguably struggling the most are those employed by companies operating under the Service Contract Act. These “blended federal workforce” employees typically consist of individuals from low-income communities – often women of color – performing work such as housekeeping.
Six proven steps to Zero Trust
Agency leaders are working to adopt the mindset of trust nothing and verify everything to prioritize the transformation of legacy systems.
US must prepare for proliferation of cyber warfare
To build cyber resilience in this heightened threat environment, agencies must work closely with both international counterparts and industry to align on a proactive, global approach to all cyber threats –– not just state-sponsored attacks.
In Other News
Democrats and Republicans agree: government must do more
The Pew Research Center report revealed several benchmarks of public opinion on government efficacy, including the federal response to certain issues and views on politicians. One finding set the tone: “Just 20% say they trust the government in Washington to do the right thing just about always or most of the time.”
Closing the federal remote work gap
John Greenstein of Bluescape outlines the steps federal leaders can take to create a more equitable environment in the age of hybrid workplaces.
Load More