National Cyber Director Chris Inglis warned on April 21 that the U.S. and its allies have to stay on high alert for possible Russian cyberattacks, although no major attacks appear to have been launched thus far since Russia invaded Ukraine in late February.
Inglis said he cannot predict with any certainty at what point the Russians might attack the U.S. or its NATO allies, but emphasized that cyber experts have compiled sufficient strategic warnings of that possibility.
An attack on the U.S. and allies would be a “fraught decision that has dire consequences on both sides, and I don’t know that decision has ever been made or that it’s eminently predictable with the precision we might prefer,” Inglis said at an event hosted by the Council on Foreign Relations.
Gathering evidence for backing up strategic warnings of future attacks, he added, is a collaborative effort not just between nations, but between the private sector and the public sector. By combining insights, assets, and capabilities these organizations can gather more insightful warnings that better support defense against possible attacks by the Russians, he said.
“So, if one entity sees something that might not be visible to another … we can compare and contrast so that we could discover things together [that] no one can discover alone,” Inglis said. “That’s the game before us: how do we put ourselves on the front balls of our feet to anticipate and to react to [possible attacks].”
Inglis said he viewed the U.S. as being in a “reasonably good place” when it comes to cyber-surveillance. Recently several Federal law enforcement agencies, including the Cybersecurity and Infrastructure Security Agency, issued a joint cybersecurity advisory that laid out a comprehensive view of the cyber threat Russia poses to critical infrastructure owners.
He also noted that Federal agencies and cyber experts also have a collective understanding “behind the power” in cyberspace, and in the last few years have integrated or begun to implement a process to make it more resilient and secure.
But going forward, Inglis said, partnerships are key to defending not just U.S. cyberspace but those of allies too. An adversary might seize the initiative to attack a solitary target, but “we need to make it so that they have to beat all of us to beat one of us,” he said.