But Mr. Biden’s comments highlighted the reality that NATO and the European Union have never acted in concert in responding to a broad cyberattack. When Russia was blamed for the SolarWinds supply chain attack in late 2020 and early 2021, which affected the U.S. government and hundreds of global firms, only Washington announced significant sanctions. And Mr. Biden himself pulled back from warnings during the transition to the presidency that he would authorize a counter cyberattack.
“I chose to be proportionate,” he said last year when he imposed the sanctions. “The United States is not looking to kick off a cycle of escalation and conflict with Russia. We want a stable, predictable relationship.”
Mr. Biden’s staff has since all but abandoned hope of stability and predictability with Mr. Putin. The administration is quickly returning to strategies of deterrence while mapping out what kind of efforts the United States could engage in to disrupt Russian cyberoperations without triggering direct conflict with Moscow. That is where Ms. Neuberger’s trip fits in; she worked on both defensive and offensive operations when she served at the National Security Agency.
Some of the cyberattack techniques that Russia has perfected in Ukraine have been used in the United States. Actions that Russia took to influence the 2014 Ukrainian election became the model for election interference in 2016. Four years ago, the Department of Homeland Security warned that Russia had targeted American and European nuclear power plants and water and electric systems with malware that could potentially paralyze them; the United States responded in kind.
But the Russians have never pulled off a major disruptive attack on the United States; even the Colonial Pipeline attack, which led to long gasoline lines last year, was a criminal ransomware case gone bad. U.S. intelligence officials doubt that Mr. Putin will launch direct, disruptive attacks on American infrastructure and believe that he will avoid a direct confrontation with the United States.
“The last thing they’ll want to do is escalate a conflict with the United States in the midst of trying to fight a war with Ukraine,” Dmitri Alperovitch, a founder of Silverado Policy Accelerator, a think tank, and the former chief technology officer of the cybersecurity firm CrowdStrike, noted recently.
American officials say they agree. But that is a prediction, they note, not a guarantee. Two weeks ago, the Cybersecurity and Infrastructure Security Agency issued a warning to American companies to be on the lookout for telltale signs of Russian-created malware, and last week, Britain did the same.