Biden is 'considering cyber attacks' on Russian infrastructure in retaliation for 'Pearl Harbor of hacks' that breached 200 US federal agencies and firms - as fired DHS Cybersecurity chief Chris Krebs admits his 'failure' to stop it
Joe Biden is said to be considering cyber attacks on Russian infrastructure in retaliation for the hacks that breached 200 US federal agencies and firms.
The president-elect's team will consider several options over the country's suspected role in the unprecedented hacking of US government agencies and companies, sources have told Reuters.
The massive data breach enabled hackers believed to be from Russia's SVR foreign intelligence service to explore the networks of government agencies, private companies and think-tanks for months. Moscow has denied involvement.
Fired DHS Cybersecurity chief Chris Krebs on Sunday admitted his 'failure' to stop the hack, telling CNN: 'It happened on my watch. We missed it. A bunch of other folks missed it. But there is work to do now going forward to make sure A: we get past this, that we get the Russians out of the networks, but, B: that it never happens again.'
He warned: 'I'd be very careful with escalating this.'
Biden is reported to be looking at new financial sanctions and cyber attacks on Russian infrastructure, people familiar with the matter say.
Joe Biden is said to be considering cyber attacks on Russian infrastructure in retaliation for the hacks that breached 200 US federal agencies and firms
Christopher Krebs, former director of the Cybersecurity and Infrastructure Security Agency has admitted his 'failure' to stop the hack, telling CNN : 'It happened on my watch'
'They'll be held accountable,' Biden said in an interview broadcast on CBS on Thursday when asked about how he would deal with the Russian-led hack. He vowed to impose 'financial repercussions' on 'individuals as well as entities.'
Sources say the response will need to be strong enough to impose a high economic, financial or technological cost on the perpetrators, but avoid an escalating conflict between two nuclear-armed Cold War adversaries.
The overarching goal of any action, which could also include stepped-up counter cyber espionage efforts, would be to create an effective deterrence and diminish the potency of future Russian cyber spying, the person added.
The unfolding crisis - and the lack of visibility over the extent of the infiltration into the computer networks of federal agencies including the Treasury, Energy and Commerce Departments - will push to the front of Biden's agenda when he takes office on January 20.
A company called SolarWinds was hacked, permitting an open door into public and private sector computer systems. SolarWinds is behind critical network monitoring software utilized both by the US government and many blue-chip American firms.
'Symbolic won't do it' for any U.S. response, said James Andrew Lewis, a cyber security expert at the Center for Strategic and International Studies, a Washington think tank. 'You want the Russians to know we're pushing back'
President Donald Trump only acknowledged the hacking on Saturday almost a week after it surfaced, downplaying its importance and questioning whether the Russians were to blame.
Trump's silence did not go unnoticed with Democrats in Congress blasting Trump for failing to address the issue and demanding a harsh response on the perpetrators.
'Our nation is under assault. This cyberattack could be the largest in our history. We don't yet know the extent of the damage, but we know that we weren't prepared & have our work cut out for us,' Rep Jason Crow (D - Colorado) tweeted on Friday.
'We can't wait for leadership, we need it now. @realdonaldtrump, where are you?'
Crow also likened the attack to Pearl Harbor in a follow-up tweet: 'The situation is developing, but the more I learn this could be our modern day, cyber equivalent of Pearl Harbor.'
Mitt Romney demanded Sunday that the U.S. response to the Russia cyber attack be 'of like magnitude or greater'. Democratic Senator Mark Warner, ranking member of the Intelligence Committee, called the Kremlin's takeaway from the cyber attack a 'big haul.'
The discussions among Biden's advisers are theoretical at this point and will need to be refined once they are in office and have full view of U.S. capabilities.
Biden's team will also need a better grasp of US intelligence about the cyber breach before making any decisions, one of the people familiar with his deliberations said.
The president elect's access to presidential intelligence briefings was delayed until about three weeks ago as Trump disputed the November 3 election results.
Trump asserted that China was behind the unprecedented hack on US government agencies and private sector firms, after the secretary of state said on Friday that the Kremlin was to blame. Russian President Vladimir Putin, left, and China's President Xi Jinping are pictured
This heat map of infections created by Microsoft shows that those infiltrated by the hackers are spread out across the US
With Trump taking no action, Biden's team are concerned that in the coming weeks the president-elect may be left with only one tool: bluster, according to one of the people familiar with his options.
Biden issued a statement Thursday about the attack where he vowed to make cybersecurity 'imperative' when he takes office and said he would not 'stand idly by'.
'I want to be clear: My administration will make cybersecurity a top priority at every level of government - and we will make dealing with this breach a top priority from the moment we take office,' Biden said in a statement.
'We will elevate cybersecurity as an imperative across the government, further strengthen partnerships with the private sector, and expand our investment in the infrastructure and people we need to defend against malicious cyberattacks.'
A spokeswoman for Biden's transition team did not respond to a request for comment.
One potential target for U.S. Treasury financial sanctions would be the SVR, said Edward Fishman, an Atlantic Council fellow who worked on Russia sanctions at the State Department during the Obama administration.
Media reports have suggested the SVR-linked hacking group known as 'Cozy Bear' or APT29 was responsible for the attacks. The United States, Britain and Canada in July accused here 'Cozy Bear' of trying to steal COVID-19 vaccine and treatment research from drug companies and academic institutions.
'I would think, at the bare minimum, imposing sanctions against the SVR would be something that the U.S. government should consider,' Fishman said, noting that the move would be largely symbolic and not have a major economic impact.
The U.S. Treasury has already imposed financial sanctions on other Russian security services, the FSB and the GRU.
Financial sanctions against Russian state companies and the business empires of Russian oligarchs linked to Russian President Vladimir Putin may be more effective, as they would deny access to dollar transactions, both Fishman and Lewis said.
Those targets could include aluminum giant Rusal, which saw U.S. sanctions lifted in 2018 after blacklisted Russian billionaire Oleg Deripaska reduced his stake to a minority in a deal with the Treasury.
A company called SolarWinds was hacked, permitting an open door into public and private sector computer systems. SolarWinds is behind critical network monitoring software utilized both by the US government and many blue-chip American firms. The Pentagon is pictured
Lewis said a stronger option could be to cut Russia off from the SWIFT international bank transfer and financial messaging system, a crippling move that would prevent Russian companies from processing payments to and from foreign customers.
Such a move was contemplated in 2014 when Russia annexed Ukraine's Crimean peninsula, but it would hurt the Russian energy sector, complicating gas sales to Europe and hit European companies with Russian operations.
Neither the Treasury nor State Department responded to questions about possible actions in response to the hacking.
