As Biden warns of a Russian cyberattack, what are the precedents? Here’s what happened when a major oil pipeline was hacked last year
President Joe Biden warned U.S. business leaders on Monday that “evolving intelligence” suggests Russia is preparing cyberattacks against the U.S. in retaliation for the harsh economic sanctions imposed on the country for invading Ukraine.
“The magnitude of Russia’s cyber capacity is fairly consequential and it’s coming,” Biden said at the Business Roundtable CEO Quarterly Meeting in Washington.
It’s not the first time Biden has called attention to potential Russian cyberattacks, but speaking to business leaders Monday, Biden’s remarks suggest the threat has become more imminent.
“It’s part of Russia’s playbook,” the president said in a written statement released before he spoke at the roundtable. “Today, my administration is reiterating those warnings based on evolving intelligence that the Russian government is exploring options for potential cyberattacks.”
What’s the worst that could happen?
Well, if recent history is anything to go by, critical infrastructure like America’s oil pipeline could be at risk. It actually happened less than 12 months ago.
The 2021 Colonial Pipeline hack
In May 2021, a group of hackers known as DarkSide, which the F.B.I. said was operating from Eastern Europe and possibly Russia, hacked Colonial Pipeline Co. and temporarily disrupted the flow of nearly half the gasoline and jet fuel supplies to the East Coast.
That was when oil cost $65 per barrel on average over the course of the month. With the invasion of Ukraine sending oil prices gyrating, Biden banning imports of Russian oil, and the IEA recommending drastic measures to cut down on fossil fuels, another such disruption to the pipeline could be disastrous.
In the case of the Colonial pipeline, DarkSide’s intention was not to disrupt the flow of gas or disrupt the economy, but rather to hold the data for ransom. Colonial paid nearly $5 million to the hackers to restore the network and recover the data.
It’s unclear what “evolving intelligence” the U.S. has acquired in early 2022. According to deputy national security adviser Anne Neuberger, Russia has been preparing for potential future attacks, but “there is no certainty there will be a cyber incident on critical infrastructure.”
“There is no evidence of any specific cyberattack that we’re anticipating,” Neuberger said at Monday’s White House briefing. “There is some preparatory activity that we’re seeing, and that is what we shared in a classified context with companies that we thought might be affected.”
Biden urges companies to strengthen cyber defenses
Regardless, the rising threat prompted Biden to stress the importance of business leaders beefing up their cybersecurity to help prevent or limit the damage of potential Russian attacks.
“You have the power, the capacity, and the responsibility to strengthen the cybersecurity and resilience of the critical services and technologies on which Americans rely,” Biden said, addressing business leaders.
To that end, the White House released a fact sheet Monday detailing steps companies can take to shore up their cybersecurity, including mandating the use of multifactor authentication, encrypting data, ensuring offline data backups, and educating employees on common hacking tactics.
“If you have not already done so, I urge our private sector partners to harden your cyber defenses immediately by implementing the best practices we have developed together over the last year,” Biden said.
Since taking office, Biden says his administration has worked to strengthen national cyber defenses, including “mandating extensive cybersecurity measures for the Federal government and those critical infrastructure sectors where we have authority to do so.”
But the White House said Monday that a Russian cyberattack could target private businesses aimed at disrupting the U.S. economy, which is why Biden urged company leaders to take additional safety precautions.
According to reporting from CNN, the U.S. departments of Energy, Treasury, and Homeland Security have spent recent weeks briefing banks, electric utility companies, and others on Russia’s hacking capabilities, and urged businesses across all sectors to report any signs of suspicious activity.
It would not be the first time U.S. infrastructure was targeted by Eastern European hackers in recent memory.
But if Russia were to orchestrate a cyberattack on the U.S., its motivations would likely be different from DarkSide’s last year. In Ukraine, Russia’s been conducting cyberattacks since mid-February, including attacks against the country’s defense ministry and army websites and the sites of the country’s largest banks.
Never miss a story: Follow your favorite topics and authors to get a personalized email with the journalism that matters most to you.