The White House has disputed claims that Vice President Joe Biden has given permission for launching significant cyberattacks against Russia to disrupt the country’s capacity to maintain its military operations in Ukraine.
“Disrupting internet connectivity across Russia, shutting off electric power, and tampering with railroad switches to hamper Russia’s ability to resupply its forces,” as reported by NBC News on Thursday. Russia’s military troops have launched a full-fledged invasion of Ukraine. According to press secretary Jen Psaki, NBC got it wrong. She stated in a tweet that “this report on cyber options being presented to @POTUS is off-base and does not reflect what is actually being discussed in any shape or form.”
As of Thursday morning, NBC’s sources – two US intelligence officials, one Western intelligence officer, and another individual knowledgeable on the situation – said no final judgments had been made.
According to one of those sources, the options range from vexing to disastrous: “You could do everything from slow the trains down to have them fall off the tracks,” an individual knowledgeable on the situation claimed. However, as per NBC, that source also indicated that most of the potential actions on the list of possible cyberattacks (a list that press secretary Psaki acknowledged was wrong) would be disruptive rather than destructive, therefore falling short of an act of war by the US against Russia.
NBC’s sources revealed that the reported hacking choices were provided regardless of the risk of Russian retaliation. And it would react, as predicted by cybersecurity experts, whether it was in response to sanctions, any arms/material support the US would deliver to the Ukrainian opposition, or any cyberattacks the nation could undertake.
There has already been a flurry of destructive cyber-activity coincided with Russia’s force deployment to Ukraine. On Tuesday, a wave of distributed denial-of-service (DDoS) cyberattacks targeted critical political, military, and economic institutions in Ukraine, including banks. Additionally, cybersecurity firms ESET and Broadcom’s Symantec announced earlier this week that HermeticWiper, a new data-wiping virus, had been identified on hundreds of devices on Ukrainian networks.
According to an article by the Digital Shadows Photon Research team, researchers discovered that in some cases, the malware had been generated in December 2021, showing that the attack had been planned in advance. Another research found that HermeticWiper was launched straight from Windows domain controllers in other investigations, implying that attackers had prolonged access before execution.