The US warns companies to stay on guard for possible Russian cyberattacks

Anne Neuberger, Jen Psaki
Anne Neuberger, Deputy National Security Advisor for Cyber and Emerging Technology, speaks alongside White House press secretary Jen Psaki during a press briefing at the White House, Monday, March 21, 2022, in Washington. (AP Photo/Patrick Semansky)

The White House is warning companies that Russia could be planning to launch cyberattacks against critical U.S. infrastructure.

The U.S. has previously warned about the Russian government’s capabilities to digitally attack U.S. companies, but President Biden reiterated the message on Monday, saying in a statement that “evolving intelligence” showed Russia is “exploring options for potential cyberattacks.”

The potential attacks would be in response to U.S. sanctions against Russia over its invasion of Ukraine, the White House said.

Deputy National Security Adviser for Cyber and Emerging Technology Anne Neuberger called for companies to secure their systems, including implementing multifactor authentication, patching systems against known vulnerabilities, backing up data, running drills and engaging with federal authorities before a cyberattack happens.

Neuberger said the administration held classified briefings with companies last week based on “preparatory activity” that U.S. intelligence is picking up from Russia, but she said the U.S. government doesn’t see a specific cyberattack approaching.

Neuberger told reporters the U.S. had noticed an increase in malicious behavior while still seeing avenues for bad actors to easily exploit critical targets.

Criminals connected to Russia have launched several cyberattacks affecting the U.S. in recent years, including the ransomware attack on Colonial Pipeline, which led to gas shortages on the East Coast in May, followed a few weeks later by an attack on the meat processor JBS.

In one of the largest known attacks, hackers believed to be directed by Russian intelligence compromised about 100 companies and about a dozen government agencies through a software update. The breach had gone undetected for months and was first publicly reported in December 2020.

Russia has accused the U.S. of launching its own attacks. In 2018, U.S. Cyber Command reportedly blocked internet access to a St. Petersburg-based organization accused of spreading disinformation.

Meanwhile, hackers backing Russia and Ukraine have launched operations against each other over the past few weeks, though so far, Russia has yet to launch a massive attack on Ukraine’s water, communications, power or gas infrastructure.

Jenna McLaughlin contributed reporting.

Copyright 2022 NPR. To see more, visit