More than three months into Russia’s invasion of Ukraine, the U.S. Justice Department is girding for more Russian cyberattacks, the department’s top national security official said Thursday.

“At DOJ, we’re particularly focused right now on the cyberthreat from Russia,” said Matthew Olsen, head of the Justice Department’s National Security Division. “And we are bracing for the possibility of more attacks.”

Olsen made the remarks at a conference of the NATO Cooperative Cyber Defense Centre of Excellence. The Tallinn, Estonia-based organization this week approved Ukraine’s bid to join as a “contributing participant.”

Olsen’s comments echoed repeated warnings by the Biden administration throughout the Ukraine conflict that Russia is likely to carry out cyberattacks against the United States in response to punishing Western sanctions on Moscow.

In March, the FBI and the Cybersecurity and Infrastructure Security Agency warned about “possible threats to U.S. and international satellite communication networks.”

The warning came after a purported Russian cyberattack on U.S.-based telecommunications provider Viasat on February 24, the day Russia invaded Ukraine.

The attack left tens of thousands of Viasat’s Ukrainian customers without satellite service.

The attack, Olsen said, was “one of numerous recent examples” of Russian malicious cyberactivity.

 

SolarWinds attack

In a massive cyberattack in late 2020, Russian hackers exploited software developed by U.S.-based SolarWinds Corporation to compromise the computer networks of multiple U.S. government agencies and private companies.

In response, the Biden administration last year expelled 10 Russian diplomats and imposed sanctions on several Russian individuals and entities.

Olsen said the Justice Department is working with other law enforcement agencies and private companies to respond to cyberthreats.

“We are determined to hold accountable those who target and attempt to destroy the computer systems that support our critical infrastructure,” Olsen said.

In March, the Justice Department announced criminal charges against four Russian government employees in connection with two hacking campaigns that targeted the global energy sector between 2012 and 2018.

In addition to prosecuting hackers, the Justice Department has “taken more proactive steps to disrupt nation-state cyberthreats before a significant attack or intrusion can occur,” Olsen said.

He cited a 2021 court-authorized operation by the Justice Department to disrupt a Chinese hacking group’s exploitation of vulnerabilities in the Microsoft Exchange Server.

Olsen did not say whether the U.S. has taken any proactive steps against Russian cyber actors during the Ukraine conflict. But General Paul Nakasone, head of U.S. Cyber Command and the National Security Agency, told Sky News on Wednesday that the U.S. had conducted offensive cyber operations in support of Ukraine during the three-month-old war.