President Biden Reiterates Warnings of Russian Cyberattack

22 March 2022 Innovative Technology Insights Blog
Author(s): Steven M. Millendorf

On March 21, 2022, President Biden issued a statement reiterating warnings that Russia is “exploring” options for potential cyberattacks against the United States in retaliation for sanctions against Russia for its invasion of Ukraine, citing “evolving intelligence.” The President also stressed the danger to executives at a meeting of the Business Roundtable, stating “one of the tools [Putin] is most likely to use, in my view and our view, is cyber, cyberattacks,” and indicating that while Putin has not used this weapon yet, it is “part of his playbook.” While Russia is unlikely to do something substantial that would risk retaliation by the United States, a small disruptive strike that impacts the U.S. economy for days, weeks, or even months still appears possible in order to “make a point.”

The warnings were echoed by Deputy National Security Advisor for Cyber and Emerging Technology, Anne Neuberger, who stated that while there is no certainty of such an attack on the United States, President Biden’s statement should be viewed as a “call to action,” with a particular focus on critical infrastructure, such as dams, electric grids, oil and gas production, water systems, and food production and distribution. Many of these critical functions are operated by the private sector, some of whom may not have deployed cybersecurity defenses consistent with best practices and may not be prepared for such a cyberattack. Businesses who are unprepared or have left known vulnerabilities unpatched are easy targets for a cyberattack.

Russian hackers are often considered by security experts to be some of the world’s most advanced and sophisticated, and a cyberattack by them against critical infrastructure may be highly disruptive. An annual report by the Office of the Director of National Intelligence regarding threats against U.S. national security released earlier this month confirmed this belief, stating “Russia is particularly focused on improving its ability to target critical infrastructure… because compromising such infrastructure improves and demonstrates its ability to damage infrastructure during a crisis.”

Neuberger also indicated that federal agencies have briefed more than 100 companies on the elevated threats, including information about preparing for a cyberattack. The renewed warnings from President Biden together with the guidance provided in these briefings from federal agencies should serve as a reminder for U.S. business of all types, especially those involved in critical infrastructure, to accelerate efforts to defend against a cyberattack. For more information on steps that businesses can implement now to protect against potential cyberattacks, see our previous article, Security Measures to Deploy Now to Defend Against a Russian Cyberattack.

For more information about security measures that your organization can deploy or for assistance in responding to a cyberattack, please contact any of the partners or senior counsel in Foley’s Cybersecurity Team. In the event of a cybersecurity incident, Foley’s Cybersecurity Team can be reached through our 24/7 cybersecurity incident hotline at (844) 4BREACH or databreach@foley.com

As the Russia-Ukraine war continues, so too do new business and legal implications for companies around the world. For more information on how to mitigate risk and protect your business, contact a Foley lawyer today.

This blog is made available by Foley & Lardner LLP (“Foley” or “the Firm”) for informational purposes only. It is not meant to convey the Firm’s legal position on behalf of any client, nor is it intended to convey specific legal advice. Any opinions expressed in this article do not necessarily reflect the views of Foley & Lardner LLP, its partners, or its clients. Accordingly, do not act upon this information without seeking counsel from a licensed attorney. This blog is not intended to create, and receipt of it does not constitute, an attorney-client relationship. Communicating with Foley through this website by email, blog post, or otherwise, does not create an attorney-client relationship for any legal matter. Therefore, any communication or material you transmit to Foley through this blog, whether by email, blog post or any other manner, will not be treated as confidential or proprietary. The information on this blog is published “AS IS” and is not guaranteed to be complete, accurate, and or up-to-date. Foley makes no representations or warranties of any kind, express or implied, as to the operation or content of the site. Foley expressly disclaims all other guarantees, warranties, conditions and representations of any kind, either express or implied, whether arising under any statute, law, commercial use or otherwise, including implied warranties of merchantability, fitness for a particular purpose, title and non-infringement. In no event shall Foley or any of its partners, officers, employees, agents or affiliates be liable, directly or indirectly, under any theory of law (contract, tort, negligence or otherwise), to you or anyone else, for any claims, losses or damages, direct, indirect special, incidental, punitive or consequential, resulting from or occasioned by the creation, use of or reliance on this site (including information and other content) or any third party websites or the information, resources or material accessed through any such websites. In some jurisdictions, the contents of this blog may be considered Attorney Advertising. If applicable, please note that prior results do not guarantee a similar outcome. Photographs are for dramatization purposes only and may include models. Likenesses do not necessarily imply current client, partnership or employee status.