- President Joe Biden said his administration is reiterating warnings about cyberattacks from Russia because of updated intelligence saying Russia is looking at options for possible attacks.
- One U.S. official, Anne Neuberger, said the government had seen preparatory activity but she declined to name industries that could be at risk.
President Joe Biden on Monday advised U.S. corporations to strengthen their cybersecurity practices because of intelligence reports indicating that Russia is looking at potential attacks.
The guidance came almost a month after Russian troops invaded Ukraine in a war that has killed more than 900 people, including 39 children.
"I have previously warned about the potential that Russia could conduct malicious cyber activity against the United States, including as a response to the unprecedented economic costs we've imposed on Russia alongside our allies and partners," the president said in a statement. "It's part of Russia's playbook. Today, my Administration is reiterating those warnings based on evolving intelligence that the Russian Government is exploring options for potential cyberattacks."
Biden cited White House guidance on preventing cyberattacks, which recommends the use of multifactor authentication for preventing attackers from easily accessing systems. The White House also suggested companies back up and encrypt data, refresh passwords and keep devices up to date with the latest security fixes.
"We need everyone to do their part to meet one of the defining threats of our time — your vigilance and urgency today can prevent or mitigate attacks tomorrow," Biden said.
We don't know that adversaries will mount an attack on critical infrastructure, Anne Neuberger, the U.S. deputy national security advisor for cyber and emerging technology, told reporters at a press conference. Still, the federal government gave classified briefings to hundreds of companies last week.
"There is some preparatory activity that we're seeing," said Neuberger, who declined to name the industries that could be at risk of getting hit.
U.S. software company HubSpot said it had been attacked on Friday and it suspected the attack was aimed at cryptocurrency customers. HubSpot did not identify the attacker.
Microsoft said late last month that it was sharing cyberthreat information with the U.S. government. The company had seen attacks on civilian and military targets in Ukraine, but it had not attributed them to Russia or any other actor.
"We've made it very clear to the Russians that there will be a high price to pay if they were to use their capabilities to target critical infrastructure, to target sectors of strategic importance," Ned Price, a spokesperson for the State Department, said at a press briefing.
— CNBC's Amanda Macias and Christina Wilkie contributed to this report.