President Joe Biden speaks during a tour of the Ford Rouge Electric Vehicle Center, in Dearborn, Michigan on May 18, 2021.
Michael Wayland | CNBC
President Joe Biden on Monday advised U.S. corporations to strengthen their cybersecurity practices because of intelligence reports indicating that Russia is looking at possibilities to attack.
The guidance came almost a month after Russian troops invaded Ukraine in a war that has brought over 900 deaths, including 39 children.
“I have previously warned about the potential that Russia could conduct malicious cyber activity against the United States, including as a response to the unprecedented economic costs we’ve imposed on Russia alongside our allies and partners,” the president said in a statement. “It’s part of Russia’s playbook. Today, my Administration is reiterating those warnings based on evolving intelligence that the Russian Government is exploring options for potential cyberattacks.”
Biden directed people to White House guidance that included the use of multi-factor authentication for preventing attackers from easily accessing systems. The White House suggested companies back up and encrypt data, refresh passwords, and keep devices up to date with the latest security fixes.
“We need everyone to do their part to meet one of the defining threats of our time — your vigilance and urgency today can prevent or mitigate attacks tomorrow,” Biden said.
We don’t know that adversaries will mount an attack on critical infrastructure, Anne Neuberger, the U.S., deputy national security advisor for cyber and emerging technology, told reporters at a press conference. Still, the federal government gave classified briefings to hundreds of companies last week.
“There is some preparatory activity that we’re seeing,” said Neuberger, who declined to name the industries that could be at risk of getting hit.
U.S. software company HubSpot said it had been attacked on Friday, and it suspected it was aimed at cryptocurrency customers. HubSpot did not identify the attacker.
Microsoft said late last month that it was sharing cyberthreat information with the U.S. government. The company had seen attacks on civilian and military targets in Ukraine, but it had not attributed them to Russia or any other actor.
“We’ve made it very clear to the Russians that there will be a high price to pay if they were to use their capabilities to target critical infrastructure to target sectors of strategic importance,” Ned Price, a spokesperson for the State Department, said at a press briefing.
–CNBC’s Amanda Macias and Christina Wilkie contributed to this report.