Dive Brief:
- The Biden administration warned the country to harden its cyber defenses, as evolving intelligence shows Russia is preparing for a retaliatory attack against the U.S.
- President Joe Biden issued a statement Monday reiterating prior warnings that Russia might use malicious cyber activity to avenge economic sanctions imposed by the U.S. and allied countries following the invasion of Ukraine.
- "My administration will use every tool to deter, disrupt and if necessary, respond to cyberattacks against critical infrastructure," Biden said in the statement. "But the federal government cannot defend against this threat alone."
Dive Insight:
Federal agencies convened more than 100 companies and sectors last week to share classified cyberthreat information based on evolving U.S. threat intelligence, said Anne Neuberger, the deputy national security advisor for cyber and emerging technology in the Biden administration, speaking during a White House press briefing Monday.
The administration's broader, unclassified warnings Monday were meant to raise awareness and provide a call to action. Officials shared more detailed briefings with those organizations likely to be most affected.
"Even those sectors that we do not see any specific threat intelligence for, we truly want those sectors to double down and do the work that's needed," Neuberger said.
While the White House did not share specific targets or techniques for organizations to track, its steady stream of cybersecurity warnings are meant to harden critical infrastructure security.
"Notwithstanding these repeated warnings, we continue to see adversaries compromising systems that use known vulnerabilities for which there are patches. This is deeply troubling," Neuberger said.
Late last week, the FBI and Cybersecurity and Infrastructure Security Agency warned about possible cyberattacks against satellite communications networks based in the U.S. or allied nations.
A spokesperson for Germany’s Enercon confirmed that a cyberattack disrupted satellite communications to its wind turbines, or wind energy converters (WECs). About 40% of the affected WEC’s in Central Europe are back online, the spokesperson said.
"The teams are replacing the SAT modems that were damaged during the attack," the spokesperson said via email. "Even though we secured a large number of these components, it will not be possible to replace all damaged hardware at once.”
Officials from Mandiant said the warning is an attempt by Russia to retaliate against the U.S. for serious economic sanctions, without triggering a direct conflict with the country.
"We’re not surprised to learn Russia is weighing a cyberattack against the U.S. in light of the serious pressure the country is now facing," John Hultquist, VP of Intelligence Analysis at Mandiant said in a statement. "Russia is probably looking to aggressively respond in a manner that won’t lead to war with the U.S., and cyberattacks are a means for them to exact costs without crossing a major red line."
Hultquist added that cyberattacks are often reversible and nonlethal, but said the economic and psychological cost of an attack can be significant.