tv White House Press Secretary Deputy Natl Security Adviser Hold Briefing CSPAN March 21, 2022 7:43pm-8:02pm EDT
text messages and tweets. >> watch the confirmation hearing for supreme court nominee jackson. well this historic process live tuesday at 9:00 a.m. eastern on c-span, c-span.org or by download the free c-span now video app. >> deputy national security advisor says russia could be planning for a cyber attack on critical infrastructure in the u.s. and advise the private sector to be ready for those attacks but she spoke from the white house press briefing today. >> hi everyone. okay, we have a very special
return guests anna newberger who is here to provide a brief updating on cyber. you've probably seen the statement for the president be issued as multi fact sheet she will talk about that. as a little time to take some questions i'll turn it over too anna. >> thank you jen good afternoon everyone. this after the president released a statement with cyber threat to the homeland early and private sector partners to take immediate action to shore up their defenses against potential cyber attacks. we previously warned about the potential for russia to conduct cyber attacks against the united states including as a response to the unprecedented economic cost and alleys partners imposed with the further invasion of ukraine. today we are reiterating those warnings. i we are doing so the russian government is exploring options
with critical infrastructure in the united states. to be clear, there is no certainty that the cyber incident on critical infrastructure. so why am i here? because this is a call to action and occult to responsibility for all of us. are the presidents direction that you worked extensively over the last year to prepare to meet the sort of threat. providing unprecedented warning and advice to the private sector and mandating cyber security measures where we have the authority to do so. for example just last week federal agencies convened more than 100 companies to share a new cybersecurity information and light of the evolving threat intelligence. during those meetings we shared resources, tools, to help companies harden their security advisory and hands-on support from local fbi field officers
and regional offices including the shields up program. the meetings part of it extensive resilience effort that began in the fall prompted by the president. agencies like energy, epa, treasury and dhs have posted both classified and unclassified briefings with hundreds of owners and operators critically owned infrastructure. nsa and fbi have published cybersecurity advises that set out protections, the private sector can deploy to improve security. the present has also directed departments and agencies to use all existing government authorities to mandate new cybersecurity and network defense measures. you have seen us do that we have the authority to do so. including tsa that mandated directives for the oil and gas pipeline following the colonial pipeline incident that highlighted the resilience for that sector. our efforts together over the
past year have helped drive much needed and significant improvement. but there's so much more we need to do too have the confidence that we have blocked our digital doors, particular for the critical services americans rely on. those owners and operators haven't responsibility that we all rely on. they didn't use known vulnerabilities for which there are patches for this is deeply troubling. so we are urging today companies to take steps within your control to act immediately to protect the services the fact sheet released alongside the statement keynes specific actions to do.
including making security resources available to bipartisan infrastructure law and most recently for working across the aisle to require companies to report cyber incidents to the federal government. that will ensure federal resources are focused on the most important cyber threats to the american people. we welcome additional congressional work to identify new authorities they can help address gaps and drive down collective cybersecurity risk. bottom line, this is about us. the work we need to do to lock our digital doors and put our country in the best defensive position. as a president has said the united states is not seeking confrontation with russia. it's also said if russia conducts disruptive cyber toxicants critical infrastructure we will be prepared to respond, thank you. >> are those of you in the
aisles if you are not a photographer there plenty of seats if you could sit down that would be great and not crowd the others in the seat. so we do not have unlimited time you went it was many, many people as possible so go ahead. reporter: just a quick question on the attacks that happened on the 24th that's the day russia attacked ukraine we have obviously seen that impact and eastern europe and since in the fbi has issued a warning when the attacks happen against u.s. companies. as the use u.s. in a position to identify the hat? >> it's a really good question but first i would to lift up fbi, nsa also highlighted security measures u.s. companies can put in place to protect against exactly that kind of attack. we have not yet attributed that attack were carefully looking at it because the impact not only
in ukraine, but also satellite communication systems in europe as well. >> the attack perhaps the timing suggest quick those are certainly factors we are look at carefully as we look at who was responsible for them. reporter: revolving intelligence. [inaudible] can you explain that what you're seeing right now the precipitated this today and what it may be now compared to. [inaudible] >> absently the first part of that is you have seen the ministration continuously lead forward and share fragmentary pieces of information we have two drive in ensure maximum preparedness by the maximum sector soon as we learned about that last week we hosted classified briefings with companies and sectors we felt would most be affected and provided very practical focus. today's a broader unclassified briefing on teresa call for.
>> something specific last week is not affected. >> i want to reiterate there is no evidence of any specific cyber attack we are anticipating. there is some preparatory activity we are seeing on that so we shared in the classified calm text with those we thought might be effective barbara listing off a broader awareness in this room. reporter: when you say a call to action many who hear you say that might believe something is imminent. is it? >> out first i call to action as there are cyber attacks that occur every day but hundreds of millions of dollars were paid and ransoms u.s. companies just last year against criminal activity happening in the u.s. today. every single day there should be a call to action. we are using the opportunity of this evolving threat intelligence against potential cyber attacks through critical
infrastructure to reiterate those with additional focus specifically to critical infrastructure owners and operators use that you have the responsibility to take the steps to protect the critical services americans rely on. reporter: critical infrastructure the broad term. is it as broad as you typically mean it when the government speaks of our critical infrastructure? or is there something you scene you can more specific within that frame? i won't get into specific sectors at this time the steps needed to lock our digital doors need to be done across every sector of critical infrastructure but even though sectors that we do not see any specific threat intelligence for what truly want the sectors to double down and do the work that is needed. rewrite you guys, the administration successfully declassified a lot of intelligence leading up to the invasion. and you do that a little bit here and at least list some of the industries that might have specific targets?
>> we consider declassified in tilting her excellent point the last few weeks. driven by outcomes to avoid war at all costs, to really invest in diplomacy. so we considered this information the first step we did was we gave classified detailed briefings to the companies and sectors for which we had some preparatory information about. and then for those where we doubt has the today's unclassified briefing i want to live up the fact sheet which is the call to action for specific actions to do. >> industries but need to know? >> know we believe the key entities that need to know have been provided classified briefings by dimension for example just last week, several hundred companies were brought in to get that briefing. >> did the u.s. have any evidence that russia has attempted a hack or in ukraine in the last several weeks since
this began? >> we certainly believe russia has conducted cyber attacks to undermine and destabilize ukraine we should be to those a couple weeks ago. we consistently see nations during preparatory activity that preparatory activity can pan out to the incident and that's the reason we are here. >> the u.s. had an assessment early on we thought would be a likely target. why do you think we have not seen critical infrastructure in the united states. have cyber attacks a factor in. i can speak to is the preparatory work we have been doing here in the u.s. and the fact that as soon as we have some evolving threat intelligence regarding a shift in that intention that we are coming out and raising the awareness to heighten our preparedness. >> you can't so we stopped an attack on critical infrastructure? >> correct.
>> more preparatory activity on the part of the russians would be, what does that look like? >> preparatory activity could mean scanning websites that could be hunting for vulnerabilities, there is a range of activity militia cyber actors use whether the nation, state, criminal per the most troubling piece and one i mentioned a moment ago as he continue to see known vulnerabilities for which we have patches available used by even sophisticated cyber actors to compromise american companies to compromise companies around the world. that makes it far easier for attackers and it needs to be i joke i grew up in new york, you had a lock and alarm system. houses that didn't or left the door open clearly made it easier than it should have, right? no comment about new york. clearly we are asking for it lock your digital doors make it harder for attackers make them do more work. number of the practices we include the fact she will make
it significantly harder even for sophisticated actor to compromise the network. cluster should declare the warning today it's in response are you now fearing there might be more breast cyber risk because of or sing on the ground in ukraine? >> a good number of threat warnings of the last number of weeks that russia could consider conducting cyber attacks and the response to the significant neck cost to u.s. and partners. this speaks to evolving threat intelligence and a potential shift to do so. >> shoved a message for individuals talk about private companies or households, should they be worried? >> the items to apply to companies and individuals as well. specifically speaking to companies as a responsibility to protect critical services americans rely on. every individual should take a look at the fact sheet is truly helpful when we only put in place the things really try to
practice our work to practice ourselves. >> as part of the preparatory activity jeff evidence russia hackers have infiltrated u.s. companies that have not carried out the attack? let's as i noted we frequently see preparatory activity. whatever we do we do sensitive warnings to the individual companies and provide them information to ensure that look quickly at their network and remediate what may be a threat. reporter: have you seen the threat is implementation? >> technology is not as secure as it needs to be a mensch and the ransom or activism multiple nationstate actors of the line of work the community and tilted to fbi to knock on companies door and say we have seen evidence of an intrusion we will work with you make these available through our regional office to work with you to help you recover. that is pretty routine practice. but we are seeing now is an evolving threat intelligence to conduct potential cyber attacks
on critical infrastructure and that raises up a point because we are concerned about potential disruption of critical service. >> do you think the u.s. bank system is more vulnerable, less vulnerable the government has produced. >> truly takes cyber threats seriously. both individually and as a group or a treasury has worked extensively to share sensitive intelligence at the executive level, at the security executive letter repeatedly at classified level. i do not believe they are more at risk but it is always important for every critical infrastructure sector to double down in the heightened period of geopolitical tension to carefully look at any threats. >> can you paint a worse case scenario picture for us? what are you most worried about if people in the private sector to not take the steps? >> i won't get into
hypotheticals but the reason i am here is because of critical infrastructure, power, water, is in the united states are owned by the private sector. the federal government's extensive resources available and just walk in has offices near most famous sights in the united states they have their shields up program. we could make those resources available for the sectors we can mandate measures oil and gas pipelines we have. it's ultimately private sector's responsibility in her current authority structure to do those steps to use those resources to take those steps. the purpose here is to say americans rely on those critical services, please actor here to support with the resources we have. >> thank you. are you still seeing the russians carrying out cyber attacks inside ukraine? it's been a few weeks since we've been discussing that. as financial tools have been proven and effective that they
could possibly utilize? >> we do continue to see russia conducting significant malicious activity in ukraine, major kinetic attacks which have killed lives as well as cyber activity. we believe the unprecedented cost have levied is significant in that way. with regard to your question about whether cyber attacks were change i think the president was very clear we are not looking for complex with a russia. if russia initiates a cyber attack against the united states we will respond. >> thank you. ♪ c-span is unfiltered view of government. funded by these television companies and more including media come. >> the world changed an instant. media commerce ready schools and
businesses might virtual we powered a new reality. because at media, we are built to keep you ahead pick. >> media com support c-span as a public service along with these other television providers giving a front row seat to democracy. >> the mayor of kyiv his brother a member of the territorial defense spoke with the "washington post" by video conference from ukraine. they said they are willing to die to defend their city from the russian invasion. >> welcome to "washington post" live. columnist for the post i am honored to be joined today by two men on the front line of the ukraine war mayor of kyiv and his brother a member of the territorial defense forces. many and our audience will likely remember mote both of my
IN COLLECTIONSCSPAN2 Television Archive Television Archive News Search Service
Uploaded by TV Archive on