DHS Warns Of Russian Cyberattack On Us Infrastructure
January 26, 2022 | CSD Team
As tensions escalate along the Ukraine and Russian border, the Department of Homeland Security (DHS) and the Cybersecurity and Infrastructure Security Agency (CISA) have issued warnings that Russia could conduct a cyberattack against public infrastructure the United States if it feels threatened by U.S. actions in response to a possible Russian invasion of Ukraine.
According to a DHS Intelligence and Analysis bulletin obtained by CBS News, the U.S. government warns that Russia would consider a cyberattack if a US or NATO response to a possible Russian invasion threatened long-term security. An attack could range from low-level denials-of-service to destructive attacks targeting critical infrastructure. The bulletin goes on to detail the validity of the threat saying Russia “almost certainly considers cyberattacks an acceptable option to respond to adversaries.”
Citing a series of recent cyberattacks conducted against Ukraine’s public and private infrastructure, including a slew of malware that affected websites and wiped out and corrupted data from Windows and Linux based systems, DHS and Microsoft have urged public and private groups in the U.S. to proactively protect their infrastructure against malware attacks.
According to Microsoft, the malware that was discovered in Ukraine is designed to look like ransomware but lacks a ransom recovery mechanism. It is designed to render devices inoperable instead of trying to obtain a ransom.
In order to prepare for an attack, CISA issued the following mitigations that can help organizations improve their functional resilience by reducing the risk of compromise or sever business degradation:
- Be prepared. Confirm reporting processes and minimize personnel gaps in IT/OT security coverage. Create, maintain, and exercise a cyber incident response plan, resilience plan, and continuity of operations plan so that critical functions and operations can be kept running if technology systems are disrupted or need to be taken offline.
- Enhance your organization’s cyber posture. Follow best practices for identity and access management, protective controls and architecture, and vulnerability and configuration management.
- Increase organizational vigilance. Stay current on reporting on this threat. Subscribe CISA’s mailing list and feeds to receive notifications when CISA releases information about a security topic or threat.
For more information on preparing for and mitigating cyber threats, visit cisa.gov
In addition, CSD Pool members have free access to NetDiligence’s eRisk Hub , a cyber portal designed to help your organization prepare for future threats or respond to an attack. To sign up for free, visit eriskhub.com/csdpool. Use the access code 09746 for access.
If you have any other questions, please email info@csdpool.org.