Deputy national security adviser Anne Neuberger said during Monday’s White House briefing that Russia had been conducting “preparatory activity” for cyber attacks, which she said could include scanning websites and hunting for software vulnerabilities.”
There are at least 18 US companies in other sectors, such as defense and financial services that were subjected to the scanning, the FBI said.
There are no confirmed breaches related to the scanning, but the FBI advisory is the latest in a chorus of warnings from US officials to critical infrastructure operators to be on alert for potential Russian hacking. “The magnitude of Russia’s cyber capacity is fairly consequential and it’s coming,” Biden told business executives on Monday.
The Russia-based Internet Protocol addresses, or data that identifies a computer, are “believed to be associated with cyber actors who previously conducted destructive cyber activity against foreign critical infrastructure,” the FBI said in its advisory.
“This scanning activity has increased since the start of the Russia/Ukraine conflict, leading to a greater possibility of future intrusions,” the FBI memo states.
For months, the US departments of Energy, Treasury and Homeland Security, among others, have briefed big electric utilities and banks on Russian hacking capabilities, and urged businesses to lower their thresholds for reporting suspicious activity.
It was not immediately clear if the FBI was referring to that same hacking group in its recent advisory. An FBI spokesperson did not immediately return a request for comment.