Online Press Briefing with Anne Neuberger, Deputy National Security Advisor for Cyber and Emerging Tech

Moderator:  Good afternoon.  I would like to welcome everyone joining us for today’s virtual press briefing.  Today we are very honored to be joined by Anne Neuberger, Deputy Assistant to the President and Deputy National Security Advisor for Cyber and Emerging Technology at the National Security Council. 

I would like to note that the contents of this press availability will be embargoed after the conclusion of the call until 5:15 p.m. Brussels Time, or 11:15 a.m. Washington, D.C.  We will send participants the audio file of this call when the embargo is lifted. 

 And with that, let’s get started.  DNSA Neuberger, thank you so much for joining us today.  I’ll turn it over to you for your opening remarks. 

Ms. Neuberger:  Thank you very much, Justin.  Good morning, good afternoon, good evening to all of you, and thank you for joining us today.   

We’ve been warning for weeks and months, both publicly and privately, that cyber attacks could be part of a broad-based Russian effort to destabilize and further invade Ukraine.  The Russians have used cyber as a key component of their force projection over the last decade, including previously in Ukraine, in the 2015 timeframe.  The Russians understand that disabling or destroying critical infrastructure can augment pressure on a country’s government, military, and population, and accelerate their ceding to Russian objectives. 

Overall, we’re focused on three areas.  First, continue working with Ukraine and neighboring states to shore up cyber defenses.  Second, working with allies and partners, including through NATO, to shore up defenses and coordinate responses to further Russian aggression, if needed.  And last but not least, encouraging each country to shore up defenses at home as we are working to do in the United States.  And I’ll give you just some brief details on each of those buckets, and then I look forward to your questions.   

For the first, continue working with Ukraine and neighboring states to shore up cyber defenses.  We’ve been working closely with Ukrainians to harden their defenses and will continue to do so in the days ahead.  The Ukrainians have made progress, but significant improvements and resilience don’t happen in weeks, so we’re realistic about what we can achieve, and also focused on ensuring we have incident-response capacity available to them, if needed.  And there are many countries who are committed to providing incident-response capacity, if needed, and I’ve been talking to various European counterparts to coordinate that.  Our focus with the Ukrainians includes working to share information, build cybersecurity capacity, and support Ukraine’s ability to respond to and recover from cyber incidents. 

Second, working with allies and partners, including through NATO, to shore up our own defenses at home and coordinate responses to further Russian aggressions.  The current tensions in Ukraine and the potential for malicious cyber activity to be a core element of any escalation is a reminder to all countries of the importance of network defense and partnership.  And there’s much we can do to build on the progress we’ve made in our countries, NATO has made in the last year on cyber defense – to use this crisis to accelerate our progress. 

That’s the reason for my meetings in Brussels, meetings with my EU counterparts, consultation with the North Atlantic Council – to enhance national and alliance resilience in cyberspace – and then heading to Warsaw to meet with my Polish and Baltic counterparts as well as other members of the eastern flank NATO Allies.  In addition, during this trip I’ve held virtual meetings with my German and French counterparts, building on our ongoing engagement.   

Across all of these engagements, our focus is on ensuring that the U.S. and our allies and partners are prepared for any cyber-related contingency in the current environment, and also discuss how we coordinate and support Ukraine and each other in the event that such incidents occur. 

On the third bucket – shoring up our defenses at home – as many of you know, the U.S. has put tremendous focus on improving resilience of domestic critical infrastructure.  While there are not currently any specific credible threats to the U.S. homeland, we’re mindful for the potential of escalating, destabilizing actions in ways that may impact others outside of Ukraine.  And as such, as we’ve been doing in the U.S. and many of our allies and partners have been doing, we’ve been working with the private sector, engaging, sharing specific information, requesting that they act to reduce the cybersecurity risk of their organization, and providing very focused on advice on how to do so.  And these engagements are really part of the President’s overall focus on making cybersecurity a top-level priority, and [inaudible] improved domestic resilience in both the virtual and physical realm.   

And with that, we are moving out on these three buckets and I look forward to engaging with you, hearing your questions, and talking through this with you.  Justin, back over to you. 

Moderator:  Thank you very much for those remarks.  We will now turn to the question and answer portion of today’s briefing. 

Our first question goes to Zumrud Pashayeva with APA Information Agency in Azerbaijan.  “Recently, Ukraine was hit by a massive cyber attack on government websites, and these types of attacks are quite frequent.  So is there any support for Ukraine on this matter?” 

Ms. Neuberger:  Thank you.  Thank you, Zumrud, for that question.  First, and above all, driving improved resilience is a really important way to do so.  I will note that the Ukrainians made good progress on their own in responding to those attacks; the networks, the websites were back up quickly, and clearly Ukraine showed that they had the capacity to address the incident and to recover from there. 

The incident, though, highlighted the kind of destabilizing cyber activity that Ukraine may face in the context of what we view currently, and as such, part of this trip is the U.S. has been supporting Ukraine in its domestic resilience efforts, and part of this trip is discussing what European countries and others are doing as well to coordinate and ensure we have available the most effective capacity that the Ukrainians can call on as they wish to augment their own national capability and capacity.   

Moderator:  Great.  Thanks very much for that.  Our next question comes to us from Andrius Balciunas.  His question is:  “It was announced you will be traveling to Poland and meeting Polish and Baltic state officials on cybersecurity.  How concerned is Washington about possible cyber attacks about NATO’s eastern countries?”  

Ms. Neuberger:  Thank you, Andrius.  Part of the trip is highlighting that NATO’s eastern flank countries are indeed the eastern flank, and we know, as I’ve noted, that Russia has used cyber as a key component of their force – of their force projection, of their destabilizing activity, combined with disinformation.  So this is a proactive trip both to talk about improving resilience to highlight our commitment to that partnership, and to highlight overall NATO’s commitment to NATO member’s cyber resilience in that way.  

And as part of that broader context, NATO is preparing to call out any destructive – destructive or destabilizing cyber attacks – reinforcing the UN norms regarding responsible state behavior in cyberspace that our Allies and partners have signed up for, particularly the norms, as I said, regarding destabilizing activity.   

Moderator:  Great.  Thanks very much.  Our next question comes to us from Andrei Sitov with the TASS News Agency.  Please go ahead, Andrei.   

Question:  Hi.  Thank you for recognizing me for a question, and thank you, Ambassador, for doing this.  My question is about this threat of further aggression, as you call it.  In the cyber domain, do you see any proof that such plans even exist?  Because, as you know, Russia has been saying all this time that it has no such plans.  So what can you cite as evidence, cyber evidence, that the plans actually exist?   

Ms. Neuberger:  Andrei, thank you very much for the question.  Two parts.  In anything in security, there’s an “us” and a “them.”  In our homes, we lock our doors to ensure that we’re safe, and the equivalent of our digital doors we should be locking as individuals, as companies, and as countries.  So the first part of this trip is really building on the cyber-resilience work we’ve been doing in NATO, the European Union has been doing, the United States has been doing with allies and partners in a whole host of areas.  You saw the NATO cyber defense policy; you saw the International Counter Ransomware Initiative the U.S. started with 35 countries.  The first part is the message that we must lock our digital doors to be safe in an environment where big parts of our societies are digitally connected. 

The second part of that is the Russians have used cyber as a key component of their force projection over the last decade – in Ukraine, in Estonia, in Georgia just over the last decade.  And as such, given the current context where there are increasing tensions around Ukraine, it is wise to plan and to ensure that as an alliance, as a group of countries, we are fully prepared for potential destabilizing activity and we’re prepared for the range of that – from, as I said, resilience to incident response to calling out that activity if it does occur.  

Moderator:  Thank you very much.  Just as a reminder to folks participating via the Zoom app, you can raise your hand if you’d like to ask your question directly to DNSA Neuberger.  In the meantime, we have a question here from Szabolcs Panyi with Direkt36 in Hungary.  “Are you aware of any ongoing Russian cyber attacks in Central European NATO ally countries where there are negotiations about deploying more NATO troops?  How can you make sure that Russian cyber-espionage doesn’t hinder coordinated allied responses in Central Eastern Europe?  And finally, do you have any specific information you can share regarding Hungary, Slovakia, or the Czech Republic?”   

Ms. Neuberger:  So, Szabolcs – hagy vagy.  Thank you for being here today.  So our commitment to our allies and partners is a commitment to their security and to the security of the Alliance.  So the reason for the specific discussions with Poland and the Baltic countries is because those countries are the eastern flank, and much as we’ve talked about potentially augmenting our physical – our physical presence to ensure their safety, confidence and security – we recognize they may be feeling, having some concerns at this time – the same goes for their digital infrastructure and their cyber infrastructure.  And that’s the reason for that.   

And there’s no specific further information we have at this time, but it’s really part of the broader context of expressing support, underlining that support by showing up, and by doing the work to demonstrate our commitment to and the partnered approach to increased resilience.  As you may know, Poland is the Chair of the OSCE, and certainly the OSCE’s work on confidence-building measures during – regarding technology, engaging when there’s activities that are of concern – is an important framework for us to look at, so we’ll be discussing that with Poland as well.   

Moderator:  Great.  Thank you very much for that response.  Our next question comes to us from Michael Fiorentino with NBC.  Please go ahead, Michael.   

Question:  Hi.  Thanks for this.  I was just wondering:  Ukraine has a pretty strong private sector in terms of cyber defense.  Does the U.S. and NATO have any plans for backing that up as well, or only on the state level? 

Ms. Neuberger:  That’s a really great question, because Ukraine does have a strong technical base, which it can draw on for its network-defense efforts and, indeed, in talking with the Ukrainians we’ve seen they have put effort in these last years to augment their resilience, particularly of critical infrastructure, drawing on the technical base, right?  Every country is as strong as and as capable as its people.  

So certainly our role as allies and partners is supporting and augmenting Ukraine’s own efforts, and we know that tapping into that strong technical base is a goal of the Ukrainian government.   

Moderator:  Thank you very much.  Our next question was – is from the Q&A queue.  It’s from Joe Barnes with the Daily Telegraph in London.  “Could a Russian cyber attack be the precursor for a military incursion into Ukraine?  Is it your understanding that Russian cyber attacks have the ability to take out key NATO systems that would be the core to the Alliance in the event of an incursion?”   

Ms. Neuberger:  Thank you, Joe.  So I won’t comment on hypotheticals.  I’ll talk about just generally:  What we see is Russia has used cyber as part of or in partnership with kind of kinetic operations as part of destabilizing a population, a government, potentially making it more difficult for communications.  The goal of disinformation, which I think you’ve heard Secretary Blinken and others highlight – the goal of Russian disinformation is to augment that activity, to shake confidence in a country’s government or to make it difficult to assess a situation. 

So as part of that, our core goal is preparedness and coordinating on ensuring rapid ability to respond to incidents, rapid ability to counter disinformation, and ensuring as well that we call out any disruptive, destructive, or destabilizing cyber attacks as part of augmenting and reinforcing the international norms and highlighting that all countries have to behave responsibly in cyber space.   

Moderator:  Thank you very much for that.  Our next question comes to us from Mattia Bagnoli with the ANSA News Agency in Italy.  Please go ahead, Mattia.   

Question:  Yes, hi.  Thank you for having me with you today.  My question is a specific one.  I mean, do you have an assessment about the current Russian capabilities in terms of cyber?  Were they – are they pretty much just like they were before when they attacked Ukraine the first time, or supposedly attacked Ukraine the first time, or they grew and now it’s – in terms of the degree of the risks they pose it’s an increased threat?  Thank you. 

Ms. Neuberger:  Mattia, thank you for the question.  The Russians have a capable cyber program building on the country’s technical strength in math, in engineering, in cryptography.  And certainly, we have seen the – we’ve seen the Russian government leverage its cyber units to achieve its national objectives.  And as such, the purpose of this – of our discussions is to underscore the unity of the Alliance in our capability to defend Allies and partners and to work closely with the Ukrainians to harden their defenses to ensure that they are able to defend themselves – much as they’re able to defend their domestic sovereign borders, to defend their digital borders as well. 

Moderator:  Great.  Thank you very much for that.  Our next question comes to us from Sean Lyngaas with CNN.  He asks:  “What role is U.S. Cyber Command playing in the effort to protect Ukrainian networks from  hacking threats from Russia and elsewhere?”   

Ms. Neuberger:  Thank you for the question, Sean.  So I won’t get into specifics of the U.S. support at this time, but, as you noted, commitment to that defense and working to augment the Ukrainian native capability is something the U.S. is currently doing and will continue to do in the days ahead.   

Moderator:  Great.  Thank you very much for that.  Our next question comes to us from Andrei Luca Popescu with Panorama in Romania.  “Is Romania or any other NATO member state leading the cyber-defense efforts in Ukraine on the model of NATO-Ukraine Trust Fund on Cyber Defense?  What kind of support does NATO offer Ukraine in this domain?”   

Ms. Neuberger:  Thank you very much, Andrei, for the question.  There are many NATO Allies who have – who have capability to provide support both to NATO members as well as to partners.  And really, the goal of NATO, of what the EU is doing, is coordinating that support to ensure that the capacity is provided in a way that is helpful.  And of course, as I noted, the Ukrainian government is really the key customer here, and they have to determine what support they need, when and where, to augment their own national capabilities.  

Moderator:  Great.  Thank you very much.  Unfortunately, we only have time for one more question as DNSA Neuberger does have to run to the NAC meeting at NATO Headquarters.  So the final question comes to us form Oana Despa with Radio Free Europe in Romania.  The question is:  “What are the cyber threats on ex-communist countries, which are in Ukraine’s neighborhood, such as Romania?  What should these countries expect in the next days or weeks?  Which are the specific narratives of disinformation regarding the situation in Ukraine that are spreading to neighboring countries?”   

Ms. Neuberger:  Thank you for the question.  I’ll – it is a really good one because disinformation is a significant threat, and I think the disinformation narratives we have seen – or I would say I’ll focus on the core narrative, which is:  First, the disinformation narratives are that Ukraine is the source of the crisis; that is not the case – Russia is the source of the crisis; Russia’s amassing a hundred thousand troops near Ukraine’s border is really the first piece. 

The second piece is that there are significant NATO forces in Ukraine, significant threats in Ukraine to Russia – that is not the case.   

And that, finally, that there is no alternative but for a military alternative, which, as Secretary Blinken, as the president – the United States President, as other European leaders have made clear, we are committed to diplomacy, we are committed to talking to the Russian government, to hear Russian concerns, to engage constructively on that – as you know, there are three different channels that are currently being pursued to ensure that every possible diplomatic approach is being used. 

So to the question, ensuring that the population hears the true narratives, which are that the United States, NATO, Ukraine seek peace and seek a peaceful alternative to the current approach and are willing to – and have been – engaging is the key.  Because in all of our populations, unity is important and ensuring that our people understand the context in which their governments make decisions, the context in which groups of governments are working together to make decisions towards the goal of peace and stability for Russians, for the Russian population, the Ukrainian population, and really, globally as well.   

Moderator:  Thank you very much for those – for that answer, DNSA Neuberger.  That is, unfortunately, all the time that we have for today.  Before we go, do you have any concluding remarks to offer? 

Ms. Neuberger:  Thank you very much.  I thank you all for the time today.  I look forward to the – both to addressing the NAC and to consulting with NAC members and Allies and hearing their perspectives as we seek to make rapid progress and drive unity of effort in hardening those defenses, and looking forward to the remainder of the trip as well.  And a thank you to all of you for taking the time to engage and to ensure that we can communicate the goals for our – for the Alliance, for our European Union allies in the current context.   

Moderator:  We’d like to thank you once again, DNSA Neuberger, for taking the time to join us and thank all of the reporters on the line for all their questions.   

As a reminder, the contents of this press availability will be embargoes until after the conclusion of the call – or until 5:15 p.m. Brussels Time and 11:15 a.m. Washington, D.C.  We will send participants the audio file of this call when the embargo is lifted.  We will provide a transcript as soon as – again, as soon as the embargo is lifted.  We’d also love to hear your feedback, and you can contact us at any time at TheBrusselsHub@state.gov.  Thanks again for your participation and we hope you can join us for another press briefing soon.  This concludes the call.