US officials prep big banks for potential Russian cyberattacks as Ukraine crisis deepens

Washington Officials from multiple US agencies met Thursday with executives from big US banks to discuss how they might respond to Russian hacking threats as US officials warn that Russia could invade Ukraine at any time, five people briefed on the meeting told CNN.

The meeting — which covered how to defend against potential Russia-backed hacking attempts against US financial institutions should the Biden administration sanction Russian entities — shows how US officials continue to see cyberspace as a domain of risk so long as the Ukraine crisis drags on.
The meeting came as President Joe Biden and his top officials spent the day laying out dire warnings about the potential for a Russian invasion. With an estimated 150,000 Russian troops positioned around the Ukrainian border, it was a day that underscored palpable concern that the pathway to a diplomatic off-ramp was growing exceedingly narrow.
    “My sense is this will happen over the next several days,” Biden told reporters on Thursday when asked if he expected Russia to invade Ukraine.
      Those warnings have coincided with efforts to lay the groundwork for an array of sanctions the US and allies have promised would be deployed in the event of Russian military action.
        Officials from the White House, Treasury Department, FBI and US Cybersecurity and Infrastructure Security Agency (CISA) attended the cybersecurity meeting Thursday, the people familiar with the meeting said. Executives from JPMorgan Chase and Citigroup, which is the only US bank currently operating in Ukraine, were invited.
        “We have good insight into Russian capabilities, or those of aligned actors, based on past actions, so we’ve approached this [process] with those in mind,” one US official told CNN.
          US officials such as CISA Director Jen Easterly continue to say there are “no specific credible threats to the US homeland’ stemming from the Russian military’s surrounding Ukraine. But officials are also preaching vigilance and, as CNN reported Monday, asking private executives to lower their thresholds for reporting suspicious digital activity to the government.
          The banking sector got a lesson in the cyber risks that can come with geopolitics in 2012 and 2013, when, following Western sanctions on Iran’s nuclear program, Iranian hackers overwhelmed the websites of dozens of US banks with phony traffic, costing tens of millions of dollars in lost business.
          The experience has loomed large in the minds of cybersecurity executives at US financial institutions, which have strengthened their defenses in recent years. Experts consider the financial sector one of the more mature in its cyber defenses.
          A Treasury spokesperson declined to comment on Thursday’s meeting. JPMorgan Chase and Citigroup declined to comment.
          A senior administration official told CNN that the White House and federal agencies have been preparing since November for “any potential disruptions to our critical infrastructure and possible impacts to individuals and communities.”

          ‘Tabletop exercises’

          The potential cyber threat has also featured in so-called “tabletop” exercises that have taken place inside the administration in recent months, as officials across the government have met to game out response possibilities that come with Russian escalation and potential invasion.
          “We have created a process for agencies to quickly assess the impact of cyber [and] physical incidents and to inform the White House of the same,” the official added.
          Federal officials and executives from key sectors like banking and energy have been keeping a close eye on any potential spillover effects from US-Russia tensions over Ukraine. Those preparations included an Energy Department briefing on the history of Russian cyber capabilities in December for America’s largest utilities, and a previous classified briefing from Treasury for big banks, CNN previously reported.
          One tipping point that could trigger Russia-backed hacking against US organizations is if the Biden administration imposes the “swift and severe” sanctions that officials have been promising if Russia further invades Ukraine.
            US officials have sought input on potential market effects of any new sanctions, which officials have suggested would go further than any package prior, with potential targets ranging from financial institutions and networks to export controls designed to impair critical Russian economic sectors reliant on American software and equipment.
            As tensions in the last several days have ratcheted up to their highest level yet, the tempo of the work to plan for what may occur in the wake of sanctions being put into place, already at a high level, has also increased, one official said.

            Comments are closed.