These options, according to officials familiar with the discussions, include variations of measures President Barack Obama considered and rejected after the hack into state electoral systems in 2016. They have included the use of cyber tools to reveal or freeze assets secretly held by Russian President Vladimir V.
At a White House press briefing on Tuesday, Jen Psaki, the press secretary, said an American response would come in “weeks, not months.” But first, the United States will have to make a definitive statement that one of the Russian intelligence agencies was responsible.
“There’s not a lot of suspense right now about what we’re talking about,” said Smith, who added that while Microsoft had not identified the intruders, nothing contradicted the intelligence services’ tentative conclusion. Americans that Russia was “likely to be the culprit.
Mr. Biden will then have to overcome another problem: to differentiate what the Russians have done from the kind of spying the United States is doing, including against its allies. Officials are already preparing the basis for this argument. Last week, Biden called the malware intrusion “reckless” because it affected more than 18,000 businesses, mostly in the United States. Privately, US officials are already testing the argument that Russia should be punished for “indiscriminate” hacking, while the United States uses similar tools for only targeted purposes. It is not clear that this argument will convince others to join in the measures to make Russia pay.
Mr Biden’s upcoming actions appear likely to include executive orders aimed at improving the resilience of government agencies and businesses to attacks and mandatory hack disclosure proposals. Many companies that have lost data to the Russians have not admitted it, either out of embarrassment or because there is no legal obligation to disclose even a major breach.
But the subtext of most of the testimony was that Russian intelligence could have linked US networks with “backdoor” access. And that possibility – nothing but fear – could limit the type of punishment Mr. Biden inflicts. While he had promised during the presidential transition to impose “substantial costs”, previous promises to hold Russia accountable did not create enough deterrence to worry them about punishment if they were caught in the hack. most sophisticated supply chain in history.
“The reality is they’re going to come back, and they’re going to be a pervasive offense,” said Kevin Mandia, chief executive of FireEye, the cybersecurity firm that discovered the intrusion after the Russians stole its fighting tools. the Pirates. Mr Mandia, a former air force intelligence officer, noted that “since the front door was locked” hackers have turned to known but poorly addressed vulnerabilities. In this case, they entered the network management software update system created by a company called SolarWinds. When the SolarWinds Orion software users downloaded the updated versions of the code, the Russians were there.