Defense Secretary Lloyd Austin told CNN the United States has “offensive options” to respond to cyberattacks following another major attack that is believed to have been carried out by the Russian group behind the SolarWinds hack.
“We have the capability to conduct offensive operations. We also have significant capability to be able to, to defend ourselves and we always look at defending forward from a military perspective,” Austin told Barbara Starr in an exclusive interview Friday.
“I have a number of offensive options,” Austin said, though he did not specifically refer to the latest attack. “We will always maintain credible, effective options.”
A fuller version of the interview with Austin will air on CNN on Monday.
Austin’s comments come after the hackers behind one of the worst data breaches ever to hit the US government launched a new global cyberattack on more than 150 government agencies, think tanks and other organizations, according to Microsoft.
The group, which Microsoft calls “Nobelium,” targeted 3,000 email accounts at various organizations this week — most of which were in the United States, the company said in a blog post Thursday.
It believes the hackers are part of the same Russian group behind last year’s devastating attack on SolarWinds — a software vendor — that targeted at least nine US federal agencies and 100 companies.
The White House’s National Security Council and the US Cybersecurity and Infrastructure Security Agency (CISA) are both aware of the incident, according to spokespeople. CISA is “working with the FBI and USAID to better understand the extent of the compromise and assist potential victims,” a spokesperson said.
When asked about the United States’ ability to get ahead of any further cyberattacks, Austin told Starr on Friday it is his responsibility to present President Joe Biden with offensive options.
“My job is to is to create the options for the President to be able to choose when he desires to respond. We want good options for him to choose from. And so that’s what, that’s what the Department of Defense is focused on,” Austin said.
Cybersecurity has been a major focus for the US government following the revelations that hackers had put malicious code into a tool published by SolarWinds. A ransomware attack that shut down one of America’s most important pieces of energy infrastructure — the Colonial Pipeline — earlier this month has only heightened the sense of alarm. That attack was carried out by a criminal group originating in Russia, according to the FBI.
Austin on Friday doubled down on the US government’s concentration on the cyber battlefield.
“The cyber domain is really important, it is a part of the, of the battlespace, it’s a part of the architecture, something that we have to not only pay attention to, but we have to be dominant in,” he said.
“I’m confident that we can continue to do what’s necessary to not only compete, but stay ahead in this in this, in this domain.”