The US has “evolving intelligence” that Russia is exploring options for cyberattacks on the West, Joe Biden has warned.
Calling on the private sector to immediately harden its online defences, the US president said that “the magnitude of Russia's cyber capacity is fairly consequential, and it’s coming”. Vladimir Putin “hasn't used it yet, but it’s part of his playbook”, added Biden in an address this week to the bosses of some of his country's largest corporations.
The intervention followed the publication of the latest Annual Threat Assessment from the US Intelligence community, which found that Moscow was developing capabilities to target underwater cables and industrial control systems.
Subscribe to The Week
Escape your echo chamber. Get the facts behind the news, plus analysis from multiple perspectives.
Sign up for The Week's Free Newsletters
From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.
From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.
Cyber scenarios
The “most troubling takeaway” from Biden’s cyberattacks warning is that “US spy agencies have been spot on so far” in predicting Putin’s moves, said CNN’s White House reporter Stephen Collinson.
As the Ukraine war escalates global tensions, Putin “could turn his intelligence agencies or related criminal gangs against US government departments, hospitals, critical infrastructure and utilities”, in “direct reprisals” for “crippling sanctions” on Russia, Collinson wrote.
The BBC outlined three main scenarios that security experts reportedly fear most. The first is a targeted critical infrastructure attack like that in 2015 when Ukraine's electricity grid was disrupted by a cyberattack called BlackEnergy. The attack “caused a short-term blackout for 80,000 customers of a utility company in western Ukraine”, the broadcaster reported.
A second scenario would be a reprise of NotPetya, when destructive software was hidden in an update of accounting software used in Ukraine. The malware attack, in 2017, spread worldwide, destroying the computer systems of thousands of companies and causing an estimated $10bn (£7.5bn) of damage.
The third scenario would be an attack like that which resulted in the shutdown of the Colonial Pipeline in May 2021. A state of emergency was declared in a number of US states after hackers knocked out the online infrastructure of the pipeline, which carries 45% of the East Coast’s supply of diesel, petrol and jet fuel.
Timings of an attack
Chris Krebs, a former head of the US Cybersecurity and Infrastructure Security Agency, has warned that the “red lines” that have held back Putin from launching further cyberattacks may “evaporate”.
In an article for the Financial Times, Krebs argued that the “grim” economic outlook for Russia as sanctions kick in could “prompt Russian hackers to lash out against the West”.
However, The New Yorker said “the fact that devastating attacks haven’t occurred so far” has “raised doubts in some quarters about the viability and efficacy of using malicious software as a weapon of war”.
The magazine’s Sue Halpern speculated that it “may be that Russia never had the capabilities that its adversaries ascribed to it in the first place”.
“Unlike conventional weapons, which can be counted, cyber weapons are invisible until they are deployed, making it impossible for outsiders to assess the size and power of a nation’s cyber arsenal,” she wrote.
CNN’s Collinson noted that “there has so far been no major cybersecurity disaster, like a blanket power outage, a poisoned water system or a crippled supply chain, in the US or Ukraine since the invasion”.
Nearly 20 experts “who spoke with CNN” reportedly agreed that while Russia was “well positioned” to launch catastrophic cyberattacks on the US, Putin understands that his cyber capabilities are outmatched by those of the US.
Samantha Ravich, chair of the Foundation for Defense of Democracies’ Center on Cyber and Technology Innovation, told the BBC’s World At One that Putin has kept his cyber powder dry because he knows such weapons can “get out of control”.
However, she added, Putin might lash out as he gets “more and more desperate”.
The West should “harden the castle walls” against such attacks, Ravich concluded, because while the “cyber dog” hasn’t barked yet, “it will”.
Continue reading for free
We hope you're enjoying The Week's refreshingly open-minded journalism.
Subscribed to The Week? Register your account with the same email as your subscription.
-
Is Ukraine losing the support of Eastern Europe?Today's big question Grain dispute between Warsaw and Kyiv could lead to other dominos falling
-
Russian pilot 'tried to shoot down RAF plane'
Speed Read 'Ambiguous' communications triggered the potentially deadly incident in 2022, defence sources say
-
Inside the luxury bulletproof train taking Kim Jong Un to Russia
The Explainer The North Korean leader has continued the tradition of train travel established by his father
-
Yevgeny Prigozhin: will ‘predictable’ death of Wagner chief backfire on Putin?
Today's Big Question Analysts say Russian president faces growing danger from advisers and risk of revenge from Wagner fighters
-
Is Belarus the next serious threat to the West?
Today's Big Question President Lukashenko is tightening ties with Russia and China while ‘escalating tensions with Nato’
-
Why Putin is weaponising grain in the war with Ukraine
Under the Radar Russian president’s use of food as a strategic weapon could prove brutally effective
-
What role is Russia playing in the Niger coup?
Today's Big Question Vladimir Putin will ‘welcome’ chance to expand influence in region, despite no indication he was behind military takeover
-
Putin skips South Africa summit: will anyone arrest Russian president?
Today's Big Question Moscow has threatened war on any country that upholds international arrest warrant over war crimes in Ukraine
