NATO considers its options as Russian forces remain poised in assembly areas near Ukraine. The AP has reviewed the Alliance's military options. Both retaliation and inaction carry significant near- and long-term risks. And despite Russian statements placing little hope in diplomacy, and despite Moscow's expectation of receiving a formal response to its soft ultimatum sometime today, the New York Times reports that US Secretary of State Blinken still plans to meet Russian Foreign Minister Lavrov in Geneva tomorrow.
White House press secretary Jen Psaki yesterday issued a statement clarifying the US position on the crisis over Ukraine in a way that seems to resolve any such diplomatic ambiguity. It's brief and clear enough to warrant quoting in full:
"President Biden has been clear with the Russian President: If any Russian military forces move across the Ukrainian border, that’s a renewed invasion, and it will be met with a swift, severe, and united response from the United States and our Allies. President Biden also knows from long experience that the Russians have an extensive playbook of aggression short of military action, including cyberattacks and paramilitary tactics. And he affirmed today that those acts of Russian aggression will be met with a decisive, reciprocal, and united response."
CISA has urged organizations to take steps to shore up their defenses in advance of possible Russian cyber operations. Last week's data-wiping attacks against Ukrainian targets are seen, BleepingComputer reports, as a bellwether.
US President Biden yesterday morning signed National Security Memorandum / NSM-8 (Memorandum on Improving the Cybersecurity of National Security, Department of Defense, and Intelligence Community Systems) which specifies how Executive Order 14028, Improving the Nation’s Cybersecurity, will apply to National Security Systems (NSS), most of which are operated by the Department of Defense and the Intelligence Community systems. It brings these systems' cybersecurity under the supervision of the National Security Agency (NSA), and it gives NSA authority to issue Binding Operational Directives to the organizations that operate the systems. "This directive is modeled on the Department of Homeland Security’s Binding Operational Directive authority for civilian government networks," the White House fact sheet that accompanied NSM-8 says. Russia isn't specifically mentioned in NSM-8, but the timing and context of the memorandum clearly suggest that it was issued with current threats from Russia in mind.
The CyberWire's continuing coverage of the crisis in Ukraine may be found on our site.