Russia Considering U.S. Cyberattacks Stemming from Ukraine Response
Everyone is apparently a fair target these days.
Russia will consider launching cyberattacks against the United States in response to any involvement in a potential war in Ukraine.
According to CNN, the Department of Homeland Security (DHS) distributed an intelligence bulletin to critical infrastructure operators, and state and local governments warning of potential Russia cyberattacks.
Russia maintains a range of offensive cyber tools that it could employ against U.S. networks, it said. That includes low-level denials of service to destructive attacks targeting critical infrastructure.
According to NBC News, Russia President Vladimir Putin has dispatched an estimated 100,000 troops on Ukraine’s border. The United States and its European allies are scrambling to deter an invasion.
Roger Grimes is data-driven defense evangelist at KnowBe4. He said it’s considered fairly natural for cybersecurity attacks to accompany kinetic, real-world battles.
KnowBe4’s Roger Grimes
“The Cybersecurity and Infrastructure Security Agency (CISA) sent out a warning last week for American organizations to be doubly prepared for additional Russian-originating cyberattacks,” he said.
In the past, only directly involved parties – government and government-related contractors and suppliers – had to worry about attacks, Grimes said.
“But Russia has changed that equation enormously over the last year,” he said. “Nation-state attacks are happening by the tens of thousands and occurring against organizations with no direct government affiliation.”
Everyone Is a Target
Everyone is apparently a fair target these days, Grimes said.
“It is really a change in the state of nation-state attacks and cyberwarfare,” he said. “And it is permanent at least until we get a Geneva Conventions-like peace agreement on what is and is not allowed in the cyberspace. Right now, it is do what you want with near impunity, with low risk.”
We are in an especially dangerous and risky time, Grimes said. That’s because no one knows what the response will be if one side or the other goes too far.
“For example, if one side unilaterally attacks another side in cyberspace, does that mean that a kinetic response is allowed or warranted?” he said. “Does one side overreact?”
Tim Erlin is vice president of strategy at Tripwire. He said we have yet to see cyberattacks used in concert with a full-fledged military campaign.
DHS’s warning sets the expectation that something has changed in the threat profile, he said. Furthermore, organizations should prepare for a change in the types of attacks they see.
Cybersecurity Calls for Constant Defense
It’s entirely valid for organizations to wonder what they’re supposed to do differently when faced with a warning of Russia cyberattacks, Erlin said.
Tripwire’s Tim Erlin
“Cybersecurity calls for constant defense already,” he said. “And an alert like this doesn’t magically remove the obstacles that are preventing organizations from implementing solid security controls. For most companies, a DHS alert simply doesn’t create budget or add people to their staff.”
Tom Garrubba is vice president of Shared Assessments.
Shared Assessments’ Tom Garrubba
“All organizations should be operating at an increased state of alert as the threat environment has expanded greatly due to geopolitical issues,” he said. “Continuous intelligence, monitoring and dialogue with critical partners and suppliers should be ongoing to ensure all is ready … and additional support is available in the event something was to occur.“
Want to contact the author directly about this story? Have ideas for a follow-up article? Email Edward Gately or connect with him on LinkedIn. |
Read more about:
MSPsAbout the Author
You May Also Like