Biden ‘mulling cyber war’ after spate of high profile attacks on US
The Biden administration is said to be actively considering engaging in acts of cyberwarfare after a spate of high profile attacks on the US believed to be the work of hackers inside Russia.
According to US government officials and other sources familiar with the matter, the Biden administration is thinking about treating ransomware attacks as a national security threat, and is considering spying on foreign criminals as well as its own offensive cyber operations against hackers inside Russia, reported NBC News.
White House press secretary Jen Psaki said the administration was reviewing the way it handles incoming cyberattacks and, asked if the US would consider retaliation, said president Joe Biden was “not taking any options off the table”.
The move is being contemplated following a series of ransomware attacks over the last few years that have become a major source of economic damage.
The latest attacks on US-based company JBS, the world’s largest meatpacker, and on Colonial Pipeline, the largest fuel pipeline in the US, showed the extent of the damage and disruption such attacks can bring. The attack on the operations of Colonial Pipeline had crippled fuel delivery for several days.
The NBC report quoted government officials who said that “because they’re not carried out directly by governments, ransomware attacks like the ones that hit Colonial Pipeline and JBS have for years been treated as purely criminal matters, investigated by the FBI with an eye toward prosecution”.
“Criminal accountability was rare, however, because most of the hackers live in Russia and other places outside the reach of US law enforcement. Russia allows the hackers to operate without interference as long as they are attacking the West,” the US officials said.
President Joe Biden has already said that he is "looking closely” at the issue.
On the issue of ransomware attacks, Ms Psaki told a news conference this week that the president has launched a “rapid strategic review to address the increased threat of ransomware”.
Ms Psaki had said that this would involve four major lines of effort including “disruption of ransomware infrastructure and actors, building an international coalition to hold countries who harbour ransom actors accountable, expanding cryptocurrency analysis and reviewing our own ransomware policies”.
“So this is an internal policy process — essentially, one that’s looking at all of these entities within our national security/economic team,” she said.
She said cyberattacks was an issue that they have “discussed with the Russian government … and we’ve discussed it in the past, and delivered the message that responsible states do not harbour ransomware criminals”.
Asked whether the US is going to retaliate, Ms Psaki said: “We’re not taking any options off the table, in terms of how we may respond. But, of course, there’s an internal policy review process to consider that. We’re in direct touch with the Russians, as well, to convey our concerns about these reports.”
Following the ransomware attack on JBS, the US’s Federal Bureau of Investigation (FBI) had “attributed the JBS attack to REvil and Sodinokibi and are working diligently to bring the threat actors to justice.” REvil is described as a cybercriminal group involved in ransomware attacks.
The direct reference to Russia by the White House is a change in the stance of the US government.
On 2 June, Anne Neuberger, Deputy Assistant to the President and Deputy National Security Advisor for Cyber and Emerging Technology, issue an open letter urging industries to take steps to protect themselves from ransomware attacks as the “number and size of ransomware incidents have increased significantly”.
“The federal government is stepping up to do its part, working with like-minded partners around the world to disrupt and deter ransomware actors. These efforts include disrupting ransomware networks, working with international partners to hold countries that harbour ransomware actors accountable, developing cohesive and consistent policies towards ransom payments and enabling rapid tracing and interdiction of virtual currency proceeds,” she said.
Later, on Thursday, Ms Psaki said they expect the issue of cyberattacks will be a part of the discussion when President Biden meets his Russian counterpart during a summit in less than two weeks.