What has the FBI said about the possible Russian cyberattack on US energy companies?
The FBI warned the US energy sector that multiple Russian IP addresses were scanning company networks in potential prelude to a cyberattack.
Just days before President Biden gave a general public warning that hackers linked to the Kremlin could strike US targets the FBI briefed companies in the critical US infrastructure sectors about actions by Russian hackers. CBS News was first to report on the FBI bulletin, warning that multiple IP addresses from Russia were associated with abnormal activity scanning the networks of at least 23 US companies in critical sectors.
Deputy National Security Advisor Anne Neuberger gave a call to action on Monday at a White House press briefing “based on evolving threat intelligence that the Russian government is exploring options for potential cyberattacks on critical infrastructure in the United States.”
Also see:
“There is no certainty there will be a cyber incident on critical infrastructure”
Neuberger told the press that “there is no certainty there will be a cyber incident on critical infrastructure” but that companies need to take steps within their control to “protect the services millions of Americans rely on.” Over the past year the Biden administration has been working with companies on public-private action plans to shore up critical infrastructure like electricity, pipelines, and water.
Federal agencies brought together more than 100 companies last week to share resources and tools to help companies harden their security. This included “sensitive threat intelligence and hands-on support from local FBI field offices,” she said.
In the meetings with the federal law enforcement those companies were informed that there were 18 companies in a range of sectors including defense, finance, and IT, in addition to five energy companies that had been subjected to the scanning. The agency identified 140 Russian-based IP addresses that were linked to scanning activity out of the ordinary.
The activity is likely “preparatory activity” probing for network vulnerabilities that could be used down the road for “potential future intrusions” according to the FBI. However, the White House says that “there is no evidence of any specific cyberattack,” that is being anticipated.
A call to “harden” cyber defenses immediately
In a statement released Monday, President Biden called on the private sector to implement the cyber security best practices that have been developed through public-private partnerships to protect critical infrastructure and “accelerate efforts to lock their digital doors.”
Where the government has the authority, it is mandating that critical infrastructure companies and agencies take extensive cybersecurity measures. However, most of America’s critical infrastructure is owned and operated by the private sector whose “vigilance and urgency today can prevent or mitigate attacks tomorrow,” Biden said.
“My Administration will continue to use every tool to deter, disrupt, and if necessary, respond to cyberattacks against critical infrastructure.”