President Joe Biden today warned of "evolving intelligence" that indicates Russia may be getting ready to wage cyberattacks against US interests, calling this "a critical moment" and urging organizations to harden their cybersecurity defenses "immediately" if they have not already done so.
"There is now evolving intelligence that Russia may be exploring options for potential cyberattacks," Biden said in a statement today, noting that the new warning reiterates the threat previously issued by the administration of possible Russian cyber aggression against the US for imposing stiff economic sanctions on Russia.
"My Administration will continue to use every tool to deter, disrupt, and if necessary, respond to cyberattacks against critical infrastructure. But the Federal Government can’t defend against this threat alone. Most of America’s critical infrastructure is owned and operated by the private sector, and critical infrastructure owners and operators must accelerate efforts to lock their digital doors. The Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA) has been actively working with organizations across critical infrastructure to rapidly share information and mitigation guidance to help protect their systems and networks," Biden said.
The White House provided a list of urgent security steps for organizations to follow, including enforcing multifactor authentication, applying software patches, running offline backups of data, encrypting data, and preparing for incident response to ensure quick response in case of an attack. "Engage proactively with your local FBI field office or CISA Regional Office to establish relationships in advance of any cyber incidents. Please encourage your IT and Security leadership to visit the websites of CISA and the FBI where they will find technical information and other useful resources," the White House said in its advisory.
The FBI and CISA most recently warned of potential cyberattacks on satellite communications providers worldwide, and has released details on Russian threat actor techniques and methods, including the Russia's General Staff Main Intelligence Directorate (GRU) hacking team's (aka Sandworm) revamped malware framework, Cyclops Blink.