President Joe Biden and his Deputy National Security Advisor Anne Neuberger warned Americans — specifically private companies — on Monday to brace for a cyberattack from Russia, even though Biden previously gave Putin a list of U.S. targets on which a cyberattack would deliver the hardest hit to our country. Because of course he did.
As Katie reported Monday, the warning of an impending cyberattack from Russia this week comes amid Putin's bloody war on Ukraine and the United States' retaliatory sanctions aimed at punishing Russia and its ruling class. Neuberger said Monday that the "Russian government is exploring options for potential cyber attacks on critical infrastructure in the United States," but added "there is no certainty there will be a cyber incident on critical infrastructure."
Speaking at the Business Roundtable on Monday, Biden said rather bleakly that "The magnitude of Russia's cyber capacity is fairly consequential, and it's coming." He said in a more polished statement that he'd "previously warned about the potential that Russia could conduct malicious cyber activity against the United States, including as a response to the unprecedented economic costs we’ve imposed on Russia alongside our allies and partners. It’s part of Russia’s playbook," he added.
Well, part of Putin's playbook may have come directly from... President Biden. Back in June, as Leah reported just after the two leaders had a summit in Geneva, Biden literally provided his Russian counterpart with a list of targets that the United States considered "off limits" for cyberattacks.
"I gave them a list, if I’m not mistaken — I don’t have it in front of me — 16 specific entities; 16 defined as critical infrastructure under U.S. policy, from the energy sector to our water systems,” Biden said following his summit with Putin.
Biden says he gave Putin a list of 16 things that are off limits for cyber attacks on critical infrastructure. pic.twitter.com/ijyQX4LU2l— Jennifer Jacobs (@JenniferJJacobs) June 16, 2021
As Leah dug up to clarify Biden's statement at the time, that list included: commercial facilities, chemical, communications, critical manufacturing, dams, energy, defense industrial base, emergency services, financial, food and agriculture, government facilities, healthcare and public health, information technology, nuclear reactors, materials, and waste, transportation systems, and water and wastewater systems.
This list, again, was provided to Putin by President Biden with his explicit instructions that those entities were "off limits" to Russian aggression. Sort of like Biden told Putin invading Ukraine was off limits, I suppose.
If Putin takes Biden's warning about what pieces of America's critical infrastructure are off limits as seriously as he took the free world's warnings against invading Ukraine, we may be in for more mayhem — but a cyberattack may not be the worst of it. As Katie also noted, NATO decided in 2019 that serious cyberattacks against its member states were on the same level as a physical attack, meaning a Russian cyberattack on the United States deemed serious enough could lead to Article 5 being invoked as an attack against all NATO countries.