Biden promises retaliation for cyberattack on government agencies

President-elect Biden on Thursday said that a suspected Russian cyberattack on multiple government agencies and U.S. companies "is a matter of great concern" and promised to impose "substantial costs" to those responsible for the attack.

Driving the news: Biden's statement came just hours after the Cybersecurity and Infrastructure Agency alerted that evidence suggested that additional malware was used in what it described as “a grave risk to the Federal Government and state, local, tribal, and territorial governments as well as critical infrastructure entities and other private sector organizations.”

Context: The cybersecurity firm FireEye said last week that its systems had been hacked by nation-state actors and that its clients, which include the U.S. government, had been placed at risk.

• SolarWinds, which provides software to the government and corporations, also discovered a breach in its systems this week, allowing hackers to access information from multiple agencies and companies — including the Treasury, Commerce and Homeland Security departments.

What they're saying: "I have instructed my team to learn as much as we can about this breach, and Vice President-elect Harris and I are grateful to the career public servants who have briefed our team on their findings and who are working around-the-clock to respond to this attack," Biden said on Thursday.

• "A good defense isn’t enough; we need to disrupt and deter our adversaries from undertaking significant cyberattacks in the first place."
• "We will do that by, among other things, imposing substantial costs on those responsible for such malicious attacks, including in coordination with our allies and partners. Our adversaries should know that, as president, I will not stand idly by in the face of cyber assaults on our nation."

The big picture: President Trump has been largely silent about the attack, though the White House has held emergency meetings with officials across multiple agencies to address the breach, according to Bloomberg.

Thomas Bossert, Trump's former homeland security adviser, wrote in the New York Times on Wednesday, "The magnitude of this ongoing attack is hard to overstate."

• "It will take years to know for certain which networks the Russians control and which ones they just occupy."

Go deeper: Russian hacking group is behind Treasury and Commerce email breach