Cyberattacks Could Cause ‘Real Shooting War’, Biden Warns
Cybersecurity Has Become a Top Priority on Biden Administration’s Agenda Following SolarWinds, Colonial Pipeline, and Kaseya Attacks.
U.S. President Joe Biden has warned that cyberattacks could escalate into a full-blown conflict as tensions with Russia and China grew because of a succession of hacking incidents impacting American organizations, agencies, and infrastructure.
During a speech at the National Counterterrorism Center of the Office of the Director of National Intelligence Biden stated:
You know, we’ve seen how cyber threats, including ransomware attacks, increasingly are able to cause damage and disruption to the real world.
I can’t guarantee this, and you’re as informed as I am, but I think it’s more likely we’re going to end up — well, if we end up in a war, a real shooting war with a major power, it’s going to be as a consequence of a cyber breach of great consequence.
Biden called Russia and China as the USA’s partners and “possibly mortal competitors down the road,” stating that cooperating on existential menaces such as climate change should avert the American government from keeping a “watchful eye on what the ultimate objective of the other team is.”
During his statement, Biden also suggested that Russia is already involved in the 2022 elections, claiming it was spreading misinformation ahead of it.
I think we also need to take on the rampant disinformation that is making it harder and harder for people to access — assess the facts, be able to make decisions.
Look what Russia is doing already about the 2022 elections and misinformation. It’s a pure violation of our sovereignty.
The American president’s remarks follow a NATO statement from mid-June that compared the impact of “significant” cyberattacks to “armed attacks.”
We reaffirm that a decision as to when a cyber attack would lead to the invocation of Article 5 would be taken by the North Atlantic Council on a case-by-case basis.
Allies recognize that the impact of significant malicious cumulative cyber activities might, in certain circumstances, be considered as amounting to an armed attack.
Russian Government Warned
In the last two months, the US has dealt with the seemingly endless wave of cyberattacks affecting companies all over the world and increasingly impacting US critical infrastructure.
JBS Foods, the world’s largest meatpacking enterprise, declared it had paid an $11 million ransom to REvil ransomware after the cyberattack forced the company to shut down production at several sites worldwide, affecting production facilities from United States, Australia, and Canada.
Colonial Pipeline also paid the DarkSide ransomware group nearly $5 million in cryptocurrency in return for a decryption key to restore its systems.
Following these two attacks, Deputy National Security Advisor Anne Neuberger warned US businesses to take ransomware seriously.
Given the ongoing wave of Russian-based ransomware attacks, American President Joe Biden has asked Russian President Vladimir Putin during a phone call to act on the attacks against American organizations and infrastructure.
Biden added that the U.S. will take “any necessary action” to protect itself against future attacks.
In June, White House Press Secretary Jen Psaki declared that the Biden administration will take action if the Russian president doesn’t suppress the cybercriminal activity within his country.
Biden Issues a National Security Memorandum
Following the recent attacks that revealed significant flaws across American infrastructure, Biden issued yesterday a national security memorandum meant to help strengthen the security of the crucial infrastructure.
It directs the Department of Homeland Security’s CISA and the Department of Commerce’s NIST, in collaboration with other federal agencies, to develop cybersecurity performance goals and guidance for critical infrastructure organizations.
We expect those standards will assist companies responsible for providing essential services like power, water, and transportation to strengthen their cybersecurity.
Responsible critical infrastructure owners and operators should be following voluntary guidance as well as mandatory requirements in order to ensure that the critical services the American people rely on are protected from cyber threats.