In the days leading up to President Joe Biden’s face-to-face meeting with Russian President Vladimir Putin, Rep. Chris Stewart argued it must be clear that if Moscow continues to allow cyberattacks to come from within its borders, the U.S. would strike back.
And Biden delivered just that message Wednesday during the three-hour summit in Geneva.
“I pointed out to him that we have significant cyber capability. And he knows it. He doesn’t know exactly what it is, but it’s significant,” Biden said in his post-meeting news conference. “And if, in fact, they violate these basic norms, we will respond with cyber. He knows.”
Stewart, a member of the House Intelligence Committee, responded with a mix of praise and criticism. The Utah Republican commended Biden for pressing Putin on human rights and for seeking a more stable relationship with this international foe. He also criticized Biden for taking actions that don’t match his rhetoric.
“Most recently, following a Russia-backed cyber terrorist attack on an American pipeline, he lifted sanctions on a Russian pipeline. This is not the kind of message we can send our foreign adversaries,” Stewart said in a statement. “It’s time to be tough on Putin. Russia is funding, training and protecting cyber terrorists. Moving forward, President Biden needs to be clear: If American infrastructure, businesses or citizens are attacked, we will strike back.”
Stewart has been increasingly frustrated that the U.S. government hasn’t forcibly responded after criminals used ransomware to get big paydays from Colonial Pipeline and JBS, one of the nation’s biggest suppliers of meat. The JBS attack temporarily shut down a meatpacking plant in Hyrum, Utah. The company ended up paying an $11 million ransom in bitcoin to restart operations.
The U.S. government believes networks of cybercriminals are operating out of Russia and with the support of the Russian government. One piece of evidence is that these groups attack Western companies, but not any in Russia.
“They have been attacking us for years with impunity; no one ever pays a price, and that policy has got to change,” Stewart said during an appearance Tuesday on Fox News. “By the way, I said the same thing under the Trump administration.”
The National Security Agency and presidents have been reluctant to fight a cyberattack with a cyberattack because they don’t want to show what the U.S. is capable of. Once used, such a digital weapon can then be countered. But Stewart, and some Democrats on the Intelligence Committee, believe the time has come to use these capabilities to deter future attacks. Stewart also believes the U.S. could impose more sanctions.
“At some point you have to say, ‘You are doing it so frequently with such impunity, it’s not just a criminal activity. This is now an attack on the American people,’” Stewart said on Fox News. “And I think we’ve reached that point. I think we reached that point previous to this.”
Stewart also joined two Democrats, including House Intelligence Chairman Adam Schiff, D-Calif., in sending Biden a letter June 8. In part, the letter said: “Most of the cyberattacks or ransomware attacks that occur in the United States are never reported to the public. The recent attacks against our fuel and food infrastructure represent only the tip of the iceberg. Foreign governments, criminal organizations, and lone-wolf operators will continue to relentlessly probe for weaknesses in our defenses and, inevitably, they will sometimes succeed. That is why, when we are able to identify our attackers, we should use our considerable technological advantage to deter further attacks using our own offensive capabilities.”
Biden said he gave Putin a list of critical national infrastructure that should not be a target for cyberattacks during peacetime. Biden said the list included 16 areas, including the energy sector and water system.
Putin denied any responsibility for cyberattacks and said more emanated from the U.S. than from Russia. Putin told reporters the two countries would begin “consultations” on cybersecurity.