The Biden administration is gearing up to carry out cyberattacks aimed at Russian networks, The New York Times has reported, describing the provocation as a retaliatory measure designed to send Moscow a message.
Citing officials familiar with the operation, the Times said that a “series of clandestine actions” aimed at Russia is expected to begin over the next three weeks and that the cyberattacks are intended to be “evident” to President Vladimir Putin and Russia’s intelligence services, but not to the “wider world.”
The officials said the actions would be combined with some kind of economic sanctions — though there are few truly effective sanctions left to impose — and an executive order from Mr. Biden to accelerate the hardening of federal government networks after the Russian hacking, which went undetected for months until it was discovered by a private cybersecurity firm.
The attack will likely coincide with new economic sanctions against Moscow, as well as an executive order from President Joe Biden that would bolster security for US government networks.
In an interview last week, Jake Sullivan, Biden’s national security adviser, told the Times that he supported carrying out clandestine operations that would be “understood by the Russians, but may not be visible to the broader world,” arguing that such actions would force a “broad strategic discussion” with Moscow.
Sullivan said on Twitter on Thursday that the White House was “closely tracking” the reports that the vulnerabilities in Microsoft Exchange were being used in “potential compromises of U.S. think tanks and defense industrial base entities.”
The allegedly imminent cyberattack has been framed as a retaliatory measure in response to the high-profile SolarWinds breach. The hack, first reported in December, provided backdoor access to a widely used network-management program distributed by the Texas-based SolarWinds company.
The hackers were able to use the exploit to compromise the systems of more than 100 commercial firms around the world, as well as nine US government agencies. Described as one of the largest and most sophisticated cyberattacks to date, it took eight months before the breach was discovered.
Washington has argued that the attack could have only been carried out with the assistance of a foreign government. US intelligence agencies have alleged that the hack was “likely Russian in origin,” but has not provided evidence for the claim. Moscow has denied any involvement in the incident, calling the accusation “yet another unsubstantiated attempt” by the US to smear Russia.
Speaking last month to CBS, Sullivan said that the US would use a “mix of tools seen and unseen” to punish Russia for allegedly carrying out the SolarWinds attack.