The US And Its Allies Are Ready To Retaliate Against A Russian Cyberattack, But Not Yet Concretely What Form It Will Take

JAKARTA - The United States and its allies are ready to respond to a Russian cyberattack amid rising tensions in Ukraine. According to US and European officials on Tuesday, February 15, they will carry out retaliatory measures or sanctions depending on the severity of the hack.

US President Joe Biden spoke hours after Ukraine reported the Ministry of Defense and two of its banks had been hacked. Biden told reporters that Washington is coordinating closely with NATO allies and other partners to expand defenses against cyber threats.

From the beginning of this crisis, I have been clear and consistent: The United States is prepared no matter what happens. We are ready for diplomacy to improve stability and security in Europe as a whole. And we are ready to respond decisively if Russia attacks Ukraine.

— President Biden (@POTUS) February 15, 2022

The unexpected attack according to Western security experts was carried out by the Russian side, said US and European officials, who asked to remain anonymous.

Russia's Federal Security Service did not immediately respond to a request for comment from Reuters on the allegations.

"The president has said we will respond to Russian actions in addition to a military invasion," a US official said. "But what is decided depends on the extent of the cyberattack. There are so many ranges, it's hard to go into specifics."

A European diplomat said cyberattacks are a long-standing component of Russia's strategy, and have been used by Moscow in past military confrontations with Georgia and Ukraine.

"It's part of their guidelines," the official said, underscoring the West's determination to use concerted action to hold Moscow accountable for cyberattacks and other "bad behavior".

So far, US, European and Canadian officials have drawn up detailed sanctions packages if Russian troops physically attack Ukraine. But there are no detailed plans on how to respond to the cyberattack, the sources said.

That's partly because it can take time to determine who exactly is responsible, especially in the case of a denial of service attack (DDOS), officials said. DDOS attacks work by redirecting fire hoses of internet traffic from multiple sources to a server or other target, with the aim of disabling the server.

More aggressive and destructive attacks tend to attract more vicious responses. Some countries - including France - generally prefer to avoid blaming the public for cyberattacks, one European official said.

The response could involve actions other than sanctions, including physical or cyberattacks on the servers involved, said a cyber expert familiar with Western planning.

Many Russians held responsible for cyberattacks in the past have appeared on the sanctions blacklist, but many more could be added, two other officials said.

Negotiations between US and European officials in recent weeks have focused more on adjusting the sanctions likely to be imposed in the event of a physical invasion - and their impact on Russia and the imposing countries - rather than mapping out a menu of options for cyberattacks, a European official said.

"There is no detailed roadmap for what to do in the event of a cyberattack," said a European diplomat. "That will depend on the specifics of the case."