Biden administration sanctions Russia for SolarWinds hack, election interference

The Biden administration on Thursday announced sanctions against Russia for its involvement in a recent major cyber espionage operation against the U.S., foreign influence operations around U.S. elections and other concerns.

As part of an executive order signed by President Biden, the administration through the Treasury Department will block U.S. financial institutions from purchasing bonds from Russia’s Central Bank, National Wealth Fund or Ministry of Finance after June 14 and from lending funds to these institutions. The directive also leaves open the possibility for the administration to expand the sanctions on Russian sovereign debt.

Additionally, the Biden administration is expelling 10 personnel from the Russian diplomatic mission in Washington, some of whom U.S. officials say are representatives of Russian intelligence services.

The Biden administration is also sanctioning six Russian technology companies that it says provide support for Russian intelligence operations, along with 32 individuals involved in Russian efforts to influence the 2020 election. An unclassified intelligence report last month said that Moscow sought to aid former President Trump and damage President Biden’s candidacy.

Biden sent a letter to Congress announcing the executive order against Russia on Thursday, noting that he had determined that “harmful” activities by the Russian government, including election interference and hacking efforts, “constitute an unusual and extraordinary threat to the national security, foreign policy, and economy of the United States.” 

Senior administration officials later emphasized to reporters that the actions against Russia should be viewed as “resolute but proportionate,” and that the administration was prepared to take further steps if Russia continued its malicious activities against the United States.

“There are elements of this new EO that give us additional authorities that we are not exercising today,” the senior official said. “We would prefer not to have to deploy these authorities, but the scope and potential to cause meaningful impact should send a clear signal that continued harmful activities, including further election interference, further malicious cyber activities are unacceptable, and we are prepared going forward to impose substantial and lasting costs if this behavior continues.”

The sanctions have been in the works for some time. When Biden took office, he immediately ordered a review of Russia’s involvement in the massive SolarWinds hack, Russian election interference, the poisoning of Alexei Navalny and reported Russian bounties on U.S. service members in Afghanistan.

The SolarWinds hack, first discovered in December, involved Russian hackers exploiting software from IT group SolarWinds to gain access to as many as 18,000 customers, successfully compromising nine federal agencies and 100 private-sector groups.

U.S. intelligence agencies in January said the attack was “likely” carried out by Russian hackers but did not fully attribute it. As part of Thursday’s actions, the Biden administration issued a formal attribution naming Russia’s Foreign Intelligence Service (SVR) as the culprit behind what has become one of the largest cyber espionage attacks in U.S. history.

As part of the response to the malicious Russian hacking, the FBI, the National Security Agency and the Cybersecurity and Infrastructure Security Agency issued an alert Thursday providing details on vulnerabilities used by the Russian hackers, along with ways to further defend networks.

The alert exposed five vulnerabilities currently being used by the SVR to compromise organizations, with the three agencies urging all cybersecurity groups to “check their networks for indicators of compromise related to all five vulnerabilities” and “implement associated mitigations.”

Additionally, Biden is planning to sign a separate executive order in the upcoming weeks to strengthen federal cybersecurity, and the administration is working with foreign allies to create what a senior administration described as “a framework of responsible state behavior in cyberspace.”

“As the SolarWinds incident has shown, we have to build both domestic and international partnerships and threat intelligence sharing to ensure we can identify, defend against, and mitigate malicious cyber activity from Russia and other adversaries,” the official told reporters.

The administration, in coordination with U.S. allies, already announced sanctions to punish Russia for the Navalny poisoning and his subsequent jailing, with administration officials teasing since February that there would be a response around the SolarWinds hack in “weeks, not months.”

Foreign allies on Thursday expressed support for the Biden’s administration’s actions against Russia, with the United Kingdom separately assessing that the Russian SVR was behind the SolarWinds attack.

The European Union and its member states put out a joint statement to “express their solidarity” with the U.S., and condemn malicious cyber activity.

“The European Union and its Member States remain strongly committed and determined in their solidarity with their international partners in promoting a global, open, stable and secure cyberspace respecting human rights, fundamental freedoms, democratic values and principles and the rule of law, in order for everyone to safely live their lives online, as well as offline,” the EU said.

NATO’s governing body also issued a statement expressing support for the U.S. actions.

“Russia continues to demonstrate a sustained pattern of destabilising behaviour,” the NATO statement reads in part. “We stand in solidarity with the United States.”

The already-tense U.S.-Russia relationship has deteriorated further under the Biden administration as the new president has publicly blamed Moscow for its malign behavior, signaling a departure from the Trump era during which Trump often spoke warmly of Russian President Vladimir Putin and questioned the U.S. assessment of Russian election interference.

In an interview with ABC News in March, Biden said that Russia would “pay a price” for interfering in the 2020 presidential election and responded in the affirmative when asked if he believed Putin was a killer. Russia reacted angrily to his comments and recalled the Russian ambassador to the U.S.

Biden spoke with Putin by phone on Tuesday and “made clear that the United States will act firmly in defense of its national interests in response to Russia’s actions, such as cyber intrusions and election interference,” according to a White House readout. Biden also raised concerns about Russian military buildup along Ukraine’s border and proposed a summit in the coming months where the U.S. and Russia could discuss a range of issues.

“These actions are intended to hold Russia to account for its reckless actions. We will act firmly in response to Russian actions that cause harm to us or our allies and partners,” Secretary of State Antony Blinken said in a statement Thursday. “Where possible, the United States will also seek opportunities for cooperation with Russia, with the goal of building a more stable and predictable relationship consistent with U.S. interests.”

Updated at 10:48 a.m.