Russia Could Launch Cyber Attacks Against U.S. if Biden Sends Wrong Signals, Intel Warns

In a new memo obtained by Newsweek, the Department of Homeland Security has warned of Russia's potential to launch cyberattacks against the United States in response to a possible escalation of the crisis unfolding at the border with Ukraine.

"We assess that Russia would consider initiating a cyber attack against the Homeland if it perceived a US or NATO response to a possible Russian invasion of Ukraine threatened its long-term national security," the memo, dated January 23 and attributed to the Office of Intelligence and Analysis, reads in bold text.

The warning came as President Joe Biden sent additional weapons to Ukrainian forces and reportedly weighed the option of sending thousands of U.S. troops to the Baltic states bordering Russia over concerns that Moscow was planning imminent military action against Ukraine.

Kyiv has defied the Kremlin's protests by seeking membership in the NATO Western military alliance, something that Russian officials have said threatened their country's national security. The bloc has expanded eastward since the fall of the Soviet Union three decades ago and has refused to rule out including Ukraine as well.

The memo detailed a range of ways in which Russia may choose to unleash its cyber arsenal in the event of a flare-up while noting such an action would be unprecedented.

"Russia maintains a range of offensive cyber tools that it could employ against US networks — from low-level denials-of-service to destructive attacks targeting critical infrastructure," the memo read. "However, we assess that Russia's threshold for conducting disruptive or destructive cyber attacks in the Homeland probably remains very high and we have not observed Moscow directly employ these types of cyber attacks against US critical infrastructure — notwithstanding cyber espionage and potential prepositioning operations in the past."

Reached for comment, a spokesperson for the Department of Homeland Security told Newsweek said it "regularly shares information with federal, state, local, tribal, and territorial officials and the private sector to ensure the safety and security of all communities across the country."

"We have increased operational partnerships between private sector companies and the federal government to strengthen our nation's cyber defenses, including through CISA's newly established Joint Cyber Defense Collaborative (JCDC)," the spokesperson said. "The JCDC brings these partners together to help us understand the full threat landscape and enable real-time collaboration to empower our private sector partners to gain information and take action against the most significant threats to the nation."

The memo, which was first reported on by CNN, has already generated reactions from experts and former officials, some of whom expressed concern that a wider conflagration could erupt.

Alexander Vindman, a retired U.S. Army lieutenant colonel who served as director for European Affairs at the National Security Council under former President Donald Trump, said the Biden administration has tried to "keep the U.S. out of bilateral confrontation" with Russia, and "that's why they kind of took this approach limited to diplomacy" as the U.S. leader ruled out the deployment of U.S. soldiers to Ukraine itself.

"Already we see that's eroding," Vindman, who was reassigned from his position in early 2020 following his testimony to lawmakers regarding a controversial call between Trump and Ukrainian counterpart Volodymyr Zelensky, told Newsweek. "Already we see the risks in a full-spectrum type of scenario, starting out kind of low-end with regards to cyber operations, those risks are increasing."

And if these risks turn kinetic, he warned such an escalation could pass the point of no return.

"Once the shots are fired, there is no putting the genie back in the bottle," Vindman said.

US, Navy, Cyber, Command, watch, floor
A graphic published March 4, 2019 shows the watch floor of the U.S. Navy Fleet Cyber Command. Oliver Elijah Wood/Petty Officer 2nd Class William Sykes/U.S. Fleet Cyber Command/U.S. 10th Fleet/U.S. Navy

One former U.S. intelligence analyst said Russian President Vladimir Putin was likely calculating these risks as he planned his next moves vis-à-vis the situation in Ukraine and deterring U.S. actions.

"Russia certainly has the ability to carry out cyber attacks against U.S. systems, but also very much wants to avoid direct confrontation with the United States through deliberate acts that might result in their loss of 'escalation control,'" the former intelligence analyst told Newsweek. "Attacks targeting U.S. critical infrastructure systems would almost certainly prompt more serious reprisals from the Biden administration, something Putin wants to avoid, as he'll likely seek to keep conflict confined to Ukraine."

Given past cyber attacks Washington has attributed to Moscow and the current level of escalation, however, others emphasized a need to reinforce digital defenses.

"Russia has telegraphed that they are willing to attack critical infrastructure here in the U.S.," Brian Harrell, who served as former Department of Homeland Security Assistant Secretary for Infrastructure Protection before his resignation in August 2020, told Newsweek.

"The private sector should work to understand enemy tactics, including spear-phishing and brute force attacks while conducting proactive threat hunting efforts," he added. "We have absolutely entered a heightened period of awareness given the threats that have been made and the demonstrated attacks we've seen from the Russian GRU and Foreign Intelligence Service."

Mike McNerney, who serves as senior vice president of security at Resilience Insurance, a San Francisco-based firm that offers cybersecurity and insurance services, commended the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency for having set out to prepare the private sector for such attacks, regardless of their origin.

"CISA is absolutely doing the right thing by telling US companies to be prepared against cyber threats," McNerney told Newsweek. "While Russia is unlikely to escalate tensions with the U.S. right now by launching cyber attacks here, there is also the possibility of opportunistic attacks from criminal groups."

Kyiv has already accused Moscow of employing covert cyber tactics throughout the course of the current dispute, which first began to grab global attention in March of last year and then again in November as up to 100,000 Russian troops amassed near the country's restive border with Ukraine, where Russia-aligned separatists have been active since 2014. An apparent cyber attack gripped the post-Soviet Eastern European state earlier this month, but Russian officials have dismissed any allegations their government was behind the incident.

"We are nearly accustomed to the fact that Ukrainians are blaming everything on Russia, even their bad weather," Kremlin spokesperson Dmitry Peskov told reporters last week, according to the state-run Tass Russian News Agency.

Ukraine, Kyiv, Territorial, Defense, volunteer, units
Civilian participants in a Kyiv Territorial Defense unit train in a forest on January 22 in Kyiv, Ukraine. The country has seen a sharp uptick in civilians receiving basic combat training for groups that would be under direct command of the Ukrainian military should war erupt with a far larger, more powerful Russian military. Sean Gallup/Getty Images

As Washington and Moscow struggle to find common ground in talks, the Biden administration has also publicly the likelihood of Russia waging cyberwarfare, though often in the context of actions that would target Ukraine itself.

In an interview with NBC News on Sunday, Secretary of State Antony Blinken warned that "in the event that there is a renewed Russian incursion, Russian forces going into Ukraine, there is going to be a swift, a severe, and united response" and also threatened such a reaction in response to other things "Russia could do short of sending forces into Ukraine again to try to destabilize or topple the government – cyber attacks, hybrid means, et cetera."

In Ukraine, officials have sought to downplay the threat of any major escalation on the horizon, even as three embassies in Kyiv, those of Australia, the United Kingdom and the U.S., sent diplomats out of the country. On Monday, Ukrainian National Security Council Secretary Alexey Danilov called on those in the media "to turn down the heat."

That same day, Peskov too criticized what he called "information hysteria" when it came to the situation between Russia and Ukraine. He placed the blame on the U.S. and NATO, however, and said Western powers were also responsible for real-world provocations as well.

"As for concrete actions, we see the statements published by NATO about the increase of the contingent and relocations of forces and means to the eastern flank," Peskov said. "All this leads to an escalation of tensions."

This article has been updated to include a comment from a spokesperson for the Department of Homeland Security.

Editor's pick

Newsweek cover
  • Newsweek magazine delivered to your door
  • Unlimited access to
  • Ad free experience
  • iOS and Android app access
  • All newsletters + podcasts
Newsweek cover
  • Unlimited access to
  • Ad free experience
  • iOS and Android app access
  • All newsletters + podcasts