The White House blamed Russia on Friday for this week’s cyberattacks targeting Ukraine’s defense ministry and major banks and warned of the potential for more significant disruptions in the days ahead.
Anne Neuberger, the Biden administration’s deputy national security adviser for cyber and emerging technologies, said the U.S. had rapidly linked Tuesday’s attacks to Russian military intelligence officers.
Britain joined the U.S. in blaming the GRU military intelligence agency for the distributed denial-of-service attacks that unfolded as tensions escalate between Russia and Ukraine.
The attacks, which knocked government websites and a couple of major banks offline for much of the day, were of “limited impact” since Ukrainian officials were able to quickly get their systems back up and running, Neuberger said.
But she said the Russians could also be laying the groundwork for more disruptive activities that could accompany an invasion of Ukraine.
“We do expect that should Russia decide to proceed with a further invasion of Ukraine, we may see further destabilizing or destructive cyber activity, and we’ve been working closely with allies and partners to ensure we’re prepared to call out that behavior and respond,” Neuberger said.
She said the U.S. was publicly blaming the Kremlin because of a need to “call out the behavior quickly.”
“The global community must be prepared to shine a light on malicious cyber activity and hold actors accountable for any and all disruptive or destructive cyber activity,” Neuberger said.
The British Foreign Office said the attack “showed a continued disregard for Ukrainian sovereignty. This activity is yet another example of Russia’s aggressive acts against Ukraine.”
Neuberger said there was no intelligence indicating that the U.S. would be targeted by a cyberattack, but that remained a concern, giving that the banking system does not have the “cyber resilience” that it should.
Ukrainian officials called Tuesday’s denial-of-service attacks the worst in the country’s history. But while they definitely disrupted online banking, impeded some government-to-public communications and were clearly intended to cause panic, they were not particularly serious by global or historic standards, said Roland Dobbins, the top engineer for DDoS at the cybersecurity firm Netscout.
“Most DDoS attacks succeed due to the lack of preparation on the part of the defenders,” said Dobbins, adding that most commercial mitigation services designed to counter such attacks would likely have been able to fend off Tuesday’s attacks.