US president Joe Biden has urged critical infrastructure owners and operators to “accelerate efforts to lock their digital doors” in warning over potential cyber attacks from Russia.
On 21 March 2022, Biden claimed in a statement that “evolving intelligence” showed the Russian government was “exploring options” for cyber attacks in response to the “unprecedented economic costs” imposed by the US and others following Vladimir Putin’s illegal invasion of Ukraine.
However, Biden noted that the federal government could not act alone as most of the US’ critical infrastructure is owned and operated by the private sector, and called on them to “do their part” to prevent and mitigate attacks.
“If you have not already done so, I urge our private sector partners to harden your cyber defenses immediately by implementing the best practices we have developed together over the last year,” he said. “You have the power, the capacity, and the responsibility to strengthen the cyber security and resilience of the critical services and technologies on which Americans rely.”
Biden added that his administration “will continue to use every tool to deter, disrupt and, if necessary, respond to cyber attacks against critical infrastructure”.
Biden previously warned on 24 February – the day Putin invaded Ukraine after weeks of rising tension – that the US is “prepared to respond” to cyber attacks on US companies and critical infrastructure.
More recently, Biden signed cyber security incident reporting mandates into law on 15 March 2022, making it a legal requirement for operators of critical national infrastructure (CNI) to disclose cyber attacks to the government.
Known as the Strengthening American Cybersecurity Act, the law requires CNI owners within the US to report substantial cyber attacks to the CISA within 72 hours, and any ransomware payments made within 24 hours.
From The Shadows Emerges Knowledge