A bipartisan group of senators is sharing concern with the Biden administration about the potential of widespread Russian cyberattacks in the United States as retribution for harsh sanctions against Russia in the wake of President Vladimir Putin’s unprovoked invasion of Ukraine.
In a letter to Homeland Security Secretary Alejandro Mayorkas Sunday evening obtained by CNN, 22 senators, led by Nevada Democrat Jacky Rosen and South Dakota Republican Mike Rounds, raised questions about America’s readiness for Russian cyber and disinformation threats.
“Given Russia’s history of disruptive cyber and disinformation activities, we are concerned that the United States may be targeted in retaliation for actions taken to impose costs on Russia for its invasion of Ukraine,” the senators wrote.
DHS did not immediately respond to CNN’s request for comment.
The Biden administration has been on alert for potential Russian criminal or state-backed cyberattacks against critical infrastructure targets in the US – a posture that Washington assumed months ago but that has grown more acute since Russia invaded Ukraine.
Secretary of State Antony Blinken said earlier this month that the US is “very much on guard” for potential Russian cyberattacks in light of the war. While there have been several hacks of Ukrainian organizations, there have been no significant reports of the sort of high-impact cyberattacks on transportation or electric infrastructure that some have feared.
In their letter, the group of senators requested a briefing from Mayorkas about what the Cybersecurity and Infrastructure Security Agency (CISA) – which falls under DHS – is doing to proactively defend against Russian state-sponsored threats and what sectors might be targeted. They also asked whether a strategy is in place if critical infrastructure is breached and how CISA is “coordinating with international partners” on the matter.
For months, CISA, the White House and agencies including the Treasury Department have held briefings with key sectors like banking and energy on Russian cyber capabilities and the possibility for retaliation in cyberspace.
According to CISA’s website, there are currently no specific or credible cyber threats to the US.
Russian government-linked hackers have a long track record of infiltrating US government agencies and probing US critical infrastructure.
Last year, the Biden administration attributed a successful 2020 cyber-espionage campaign that exploited SolarWinds software to breach several government agencies to Russia’s foreign intelligence service, SVR. Russian-speaking ransomware groups have also disrupted US critical infrastructure, most notably last year during the days-long shutdown of Colonial Pipeline, a major fuel transporter for the East Coast.
In February, President Joe Biden designated DHS as the lead federal agency to coordinate domestic preparedness and response efforts related to the Russia-Ukraine crisis.
Last month, CNN reported that a senior FBI cyber official warned American businesses and local governments to be vigilant about potential ransomware attacks.