Infrastructure vulnerabilities complicate Biden’s cyber strategy, an attendee acknowledges
Vulnerabilities in critical infrastructure in the United States are forcing the federal government to rethink its response to cyber attacks, a top cybersecurity adviser to President Biden acknowledged Wednesday.
Anne Neuberger, assistant national security advisor for cyber and emerging technology, told an Aspen Institute security forum that the federal government knows there are “security gaps in our critical infrastructure” when responding to hostile cyber activities such as hackers. and ransomware attacks.
He emphasized that the breaches represented a factor and not a limitation in the menu of options that the federal government examines when considering how to respond to a cyber attacker.
“The most effective way to address ransomware and other disruptive cyber activities that come from the borders of a country is within the leadership of that country, shaping its expectations and shaping its calculations,” said Ms Neuberger at the forum. “And I think they have seen the president do that in a very reflective way in his personal commitments, the commitments that he has built among the agencies of our country and also in that approach, both from national resilience, involving allies and partners and leaving in of course other options will also be considered. “
Biden’s critics have urged more forceful retaliatory attacks on cyber attackers, but Neuberger said the administration is focused on keeping the nation safe in cyberspace and thinking about the “long game.”
He said the government intends to achieve its goals in cyberspace by developing international standards, deterring by denial of national systems and ensuring that the government can defend itself.
Biden repeatedly warned Russian President Vladimir Putin this summer that there would be consequences from cyber attacks on critical infrastructure and disruptive actions in cyberspace, which US officials say originated in Russia.
Even some of Biden’s Democratic allies in Congress have become frustrated with the Biden administration’s cyber strategy and approach to attacks on critical infrastructure. Last week, Senator Sheldon Whitehouse, a Democrat from Rhode Island, rebuked the federal government for what he said was its inability to get key players to take cybersecurity seriously and confront what he called the lack of “real standards” of security. security.
In June, Mr. Whitehouse and Senator Steve Daines, Republican of Montana, proposed a bill that directs the Department of Homeland Security to study the benefits and risks of authorizing private entities to take offensive cyber actions.
As the federal government debates the correct response to attacks on critical infrastructure, Ms. Neuberger said he thought Biden’s message that critical infrastructure was off limits had been heard by potential adversaries.
He pointed to reported comments from BlackMatter, a new group of cybercriminals and possible successor to ransomware gangs that have affected critical infrastructure. According to cyber intelligence company Recorded Future, BlackMatter has vowed not to target certain industries, including critical infrastructure.
“We believe that we are seeing a commitment and will look to see actions that follow up on that commitment,” said BlackMatter’s Ms Neuberger.