Russia Lays Groundwork for Cyberattacks on US Infrastructure – White House

“Evolving intelligence” shows Russia amping up for cyber-war in response to Ukraine-related sanctions, the White House said — but researchers warn that many orgs are not prepared.

The Russian government is exploring “options for potential cyberattacks” on critical infrastructure in the U.S., the White House warned on Monday, in retaliation for sanctions and other punishments as the war in Ukraine grinds on.

Officials said that its latest intelligence shows cyber-related “preparatory activity” on the part of President Vladimir Putin’s government, though White House deputy national security adviser for cyber and emerging technology Anne Neuberger emphasized that no concrete threat has been identified.

“To be clear, there is no certainty there will be a cyber-incident on critical infrastructure,” she told reporters during a briefing. She added, “There is no evidence of any specific cyberattack that we are anticipating. There is some preparatory activity that we’re seeing and that is what we shared in a classified context with companies who we thought might be affected.”

Infosec Insiders Newsletter

That observed prep work includes vulnerability scanning and website probing, she added, declining to add any specifics. She noted that officials were holding more detailed classified briefings with organizations they believe could be targeted.

“The current conflict has put cybersecurity initiatives in hyperdrive, and today, industry leaders aren’t just concerned about adversaries breaching critical infrastructure but losing access and control to them,” Saket Modi, co-founder and CEO at Safe Security, said via email.

In tandem with the briefing, the White House released a cyber-preparedness fact sheet, and President Joe Biden issued the following statement:

“I have previously warned about the potential that Russia could conduct malicious cyber activity against the United States, including as a response to the unprecedented economic costs we’ve imposed on Russia alongside our allies and partners. It’s part of Russia’s playbook. Today, my Administration is reiterating those warnings based on evolving intelligence that the Russian Government is exploring options for potential cyberattacks.”

The fact sheet contains basic advice for hardening cyber-defenses, including employee awareness education; implementing multifactor authentication; keeping patching up-to-date; ensuring backups for data; turning on encryption; red-team exercises; and updating security tools.

“This is a call to action and a call to responsibility for all of us,” Neuberger said, again citing a “potential shift in intention” by Russia.

Organizations Are Not Prepared for Russian Attacks

Jason Rebholz, CISO at Corvus Insurance, noted that basic cyber-hardening should have begun long ago.

“The White House’s best practices echo security fundamentals – something every organization should strive for,” he said via email. “For many organizations, the time to implement was several years ago, as the frequency and severity of attacks began to escalate. Like planting a tree, the best time to secure your organization was ten years ago. The next best time is today. Organizations that have not addressed the key items and hardened their cyber-defenses are at a significantly greater risk of compromise.”

Beyond the basics, there are other challenges in being prepared for an onslaught from Russia’s considerable cyber-arsenal, Modi said.

“While governments and businesses have started pivoting towards proactive cybersecurity, it is difficult to do so without addressing the three major challenges in cybersecurity that organizations face,” he explained. “There are too many cybersecurity products that do not communicate with each other, and this siloed approach leads to managing cybersecurity reactively. Finally, despite increased attention on the need for a better disclosure mechanism of cyberattacks, cybersecurity communication continues to be a challenge since it often lacks a business context.”

Meanwhile, Danny Lopez, CEO at Glasswall, pointed out that the real risk involves zero-day exploits and other unknown threats.

“Putin is playing a long game. War is costly both in terms of human and economic terms. If we see a de-escalation of the situation on the ground, we are likely to see an escalation of cyber warfare,” he told Threatpost. “There are no patches for [unknown zero-day] and they wreak havoc within hours, whilst the security services and technology industry tries to catch up. These are extremely dangerous to governments as well as businesses.”

The bottom line is that organizations should assume that attacks are imminent, researchers concluded.

“It is a confusing time that involves two nations that have historically possessed and demonstrated very good skills in the cybersecurity and cybercrime areas,” noted Purandar Das, co-founder and CEO at Sotero, via email. “Countries under duress have and will utilize cyberattacks as a way to retaliate and to get around sanctions. The U.S. being the face of such sanctions and a history of poorly protected infrastructure make it a tempting target. Add all this together and the warnings make a lot of sense.”

Moving to the cloud? Discover emerging cloud-security threats along with solid advice for how to defend your assets with our FREE downloadable eBook, “Cloud Security: The Forecast for 2022.” We explore organizations’ top risks and challenges, best practices for defense, and advice for security success in such a dynamic computing environment, including handy checklists.

 

Suggested articles

Discussion

  • HARRISON on

    ASSASSINATE VLADIMIR PUTIN BEFORE HE STARTS WW3!
  • Anonymous on

    What do you think that would cause man, WW3 stupid lol
  • Avelino Juarez on

    We may have to bring back older practice of ways to communicate, to avoid to many mix-up, where people can keep a solid foundation for communicate. The basics is never ever is really gone from people mind set, makes it easier to rely on, until a more assured standard is established.
  • United States taxpayer on

    Everyone needs to work together to many soldiers and civilians are being killed for what to see who has power The United States would be better off if Joe Biden had is sorry ass kick because he is the stupidest president we have ever had and for his Vice president she is nothing but a LOSER and a joke
  • AJ Droyd on

    All this comical BS drama about Russia and cyber attacks lol. We can not only do the same thing to them (and will) but we can do it on a much larger scale and a hell of a lot better!! So, do you really think they're going to mess with us? Nice try at a story. And you wonder why the people hate the media.

Leave A Comment

 

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.