The U.S. Must Prepare to Withstand a Cyberattack

“Shields up,” the Department of Homeland Security’s Cybersecurity and Infrastructure Agency (CISA) warned this week. The White House has threatened to impose punishing financial sanctions on Russian banks and restrict key technology exports to deter further Russian aggression against Ukraine, but if the seemingly inevitable happens—Moscow invades, Washington responds, and Moscow parries back—is America prepared to withstand the onslaught? There is no indication the Biden administration, or its predecessors, have ensured the answer is yes. 

The Kremlin has ignored prior slaps on the wrist—after it seized Crimea in 2014 and after the Skripal poisoning in the United Kingdom in 2018—and so the new sanctions will need to be economically devastating. Back in 2018, then-Prime Minister Dmitry Medvedev called sanctions “a declaration of economic war,” and pledged that Russia would “react to this war economically, politically, or, if needed, by other means.” With a limited ability to retaliate with its own financial sanctions, the Kremlin may turn to cyberattacks. In the U.S. government’s own words, “The Russian government understands that disabling or destroying critical infrastructure—including power and communications—can augment pressure on a country’s government, military and population and accelerate their acceding to Russian objectives.”

DHS warned U.S. companies last month to bolster their cybersecurity. While hardening corporate America’s cyber defenses is essential, robust planning requires having contingencies for when defenses fail. The U.S. government must be ready to help the American economy recover rapidly after a significant cyber event, which could simultaneously bring down the power, water, banking, and telecommunication sectors. 

Congress had precisely this type of crisis in mind last year when it tasked the Biden administration with crafting a Continuity of the Economy (COTE) plan. Such a plan would identify the optimal steps toward recovery and prioritize the flow of goods, services, information, and resources to the most critical sectors of the economy while accounting for their overlapping requirements and interdependencies.