1. News
July 28, 2021

Biden: “Cyber breach of great consequence” may lead to “real shooting war”

By Robert Scammell

If the US engages in kinetic (that is, shooting) warfare with a “major power” it is likely to be in response to a “cyber breach of great consequence”, President Joe Biden has warned in the wake of high profile cyberattacks conducted by Russia and China against the US public and private sectors.

Addressing the Office of the Director of National Intelligence (ODNI) on Tuesday, Biden said: “I think it’s more than likely we’re going to end up, if we end up in a war – a real shooting war with a major power – it’s going to be as a consequence of a cyber breach of great consequence and it’s increasing exponentially, the capabilities.”

Since Biden’s election victory in November 2020 the US has been hit by some of the worst cyberattacks in its history. They include the mass-hack of IT software company SolarWinds, which resulted in up to 18,000 customer organisations, including many important tech companies and government agencies, installing a malicious update; a zero-day exploit used against some 30,000 US on-prem Microsoft Exchange servers; crippling ransomware attacks against Colonial Pipeline and meat processor JBS; and a supply chain ransomware attack against IT vendor Kaseya.

Cybersecurity is a high profile issue in business today, and investors understand this. GlobalData thematic analysts, updating their Enterprise Security sector scorecard rankings recently, noted that since the beginning of 2020, the enterprise security sector has risen 39% in corporate value. During this period, the S&P 500 index rose 29%, and the Shanghai Stock Exchange (SSE) Composite index rose 14%.

US intelligence agencies have formally blamed the Russian state for the SolarWinds attack and the Chinese state for the Microsoft Exchange hack.

Despite the cyberattacks causing significant disruption, including fuel shortages, the US has not publicly responded with attacks of its own.

During a summit in Geneva, Switzerland, on 16 June Biden gave Russian President Vladimir Putin a list of critical national infrastructure targets that are “off-limits” to cyberattacks.

And in May the US Department of Justice advised US attorney offices to send information on ransomware attacks to a centrally coordinated task force in Washington in a move that gives the system-locking malware a similar priority to terrorism.

However, it is unclear from Biden’s remarks what form of cyberattack would be classified as having “great consequence”.

Cody Barrow, director of threat intelligence at global threat intel company EclecticIQ, told Verdict that Biden’s comments are likely “strategic messaging” and a “signal to Russia to back off”.

The former Pentagon senior intelligence officer added: “Even taken concretely, the administration has leeway to define consequence as well.”

Barrow compared Biden’s comments to those made in 2019 by NATO secretary general Jens Stoltenberg that a “serious cyberattack”, such as the WannaCry ransomware that brought down NHS hospitals, could trigger Article 5 of the NATO founding treaty.

Triggering this would see an attack against one NATO member being seen as an attack against all.

During his ODNI speech, Biden also appeared to draw a line between him and his predecessor Donald Trump, telling intelligence officials that he will “never politicise” the work they do.

On several occasions Trump contradicted or criticised US intelligence agencies, including over their investigation into Russian interference in the 2016 election.