Richmond, March 22, 2022 — President Joe Biden on Monday urged U.S. companies to make sure their digital doors are locked tight because of “evolving intelligence” that Russia is considering launching cyberattacks against critical infrastructure targets as the war in Ukraine continues.
Addressing corporate CEOs at their quarterly meeting, Biden told the business leaders they have a “patriotic obligation” to harden their systems against such attacks. He said federal assistance is available, should they want it, but that the decision is theirs alone.
Biden said the administration has issued “new warnings that, based on evolving intelligence, Russia may be planning a cyberattack against us. … The magnitude of Russia’s cyber capacity is fairly consequential, and it’s coming.”
The president said the federal government is “doing its part” to prepare for an attack and warned the private-sector CEOs that it also is in the national interest that they do the same.
“I would respectfully suggest it’s a patriotic obligation for you to invest as much as you can” in technology to counter cyberattacks, Biden told members of the Business Roundtable. “We’re prepared to help you, as I said, with any tools and expertise we possess, if you’re ready to do that. But it’s your decision as to the steps you’ll take and your responsibility to take them, not ours.”
Biden’s top cybersecurity aide, Anne Neuberger, expressed frustration at a White House press briefing earlier Monday that some critical infrastructure entities have ignored alerts from federal agencies to fix known problems in software that could be exploited by Russian hackers.
“Notwithstanding these repeated warnings, we continue to see adversaries compromising systems that use known vulnerabilities for which there are patches,” said Neuberger, who is the president’s deputy national security adviser for cyber and emerging technologies. “That makes it far easier for attackers than it needs to be.”
The federal government has been providing warnings to U.S. companies of the threats posed by Russian state hackers since long before the country invaded Ukraine last month. The Cybersecurity and Infrastructure Security Agency has launched a “Shields Up” campaign aimed at helping companies strengthen their defenses and has urged companies to back up their data, turn on multi-factor authentication and take other steps to improve cyber hygiene.
Neuberger said there’s no intelligence suggesting a specific Russian cyberattack against U.S. targets, but she did add that there has been increase in “preparatory activity,” like scanning websites and hunting for vulnerabilities, that is common among nation-state hackers. – AP