Russia will be made to pay for its acts of cyber aggression on the international stage, Rob Joyce, special assistant to the president and White House cybersecurity coordinator, told CNBC on Friday.

The act in question was the malware attack known as NotPetya that wiped out billions of dollars as it spread across 64 countries in July 2017. The White House, for the first time Thursday, directly blamed Russia's military for the attack.

"We're going to work on the international stage to impose consequences. Russia has to understand that they have to behave responsibly on the international stage," Joyce said at the Munich Security Conference in Germany. "So we're going to see levers the U.S. government can do to impose those costs."

A veteran of the intelligence community, Joyce spent 27 years at the National Security Agency prior to this current post in the White House.

NotPetya appeared in Ukraine last July and spread to Europe and the U.S., wreaking havoc on businesses including banks, shipping ports, law firms, transportation networks and government agencies in what's been considered the costliest cyber attack in history.

In total, it affected more than 80 companies in Russia and Ukraine and thousands of systems internationally, and caused billions of dollars in damage. Major companies like AP Moller-Maersk, Merck, FedEx and Rosneft were among those hit. The Kremlin, meanwhile, stated that NotPetya had not caused major damage in Russia.

"We saw an indiscriminate attack launched by Russia against Ukraine in the ongoing hostilities there. What they used was a cyber weapon that was launched in the dark, that hit numbers of companies, individuals, and caused damage to our economies, it stopped shipping from moving… it literally shut (companies) down," Joyce said. "And that is unacceptable."