Why this is significant: The administration has previously warned of Russian cyberattacks in Ukraine and elsewhere, but Biden’s statement Monday came under the president’s own name. It also referred to new intelligence about attacks being planned instead of potential Russian cyber activities.
Past US intelligence warnings about the timing and manner of Russia’s invasion of Ukraine were largely accurate. Biden urged companies to “harden your cyber defenses immediately.”
No specific plans known yet: Anne Neuberger, the deputy national security adviser for cyber and emerging technology, warned that the Russian government was eyeing US critical infrastructure but did not cite any specific plans for attacks. She described Biden’s warning on Monday as “a call to action and a call to responsibility” to guard against attacks.
“Today we are reiterating these warnings, and we are doing so based on evolving threat intelligence that the Russian government is exploring options for potential cyberattacks on critical infrastructure in the United States,” Neuberger told reporters at the White House. “To be clear, there is no intelligence that there will be a cyberattack on critical infrastructure.”
Sharing the intel: Neuberger noted that federal agencies convened over 100 US companies to share information on the new intelligence around potential Russian cyberattacks. She said the government gave companies tools to strengthen cybersecurity and security advisories on what the government is seeing.
“There is no evidence of any specific cyberattack that we’re anticipating,” Neuberger said. “There is some preparatory activity that we’re seeing, and that’s what we shared in a classified context with companies that we thought might be affected.”
“You’ve seen the administration continuously lean forward and share even fragmentary pieces of information that we have to ensure maximum preparedness by the private sector,” she said. “So as soon as we learned about that, last week we hosted classified briefings with companies and sectors we felt would be most affected and provided very practical, focused advice.”
The best defense: The White House released a fact sheet prior to Neuberger’s comments detailing ways that US companies can defend themselves against cyberattacks, including mandating the use of multifactor authentication and encrypting data.
Biden said his administration will “continue to use every tool to deter, disrupt, and if necessary, respond to cyberattacks against critical infrastructure.”
Sam Sabin contributed to this report.