DHS Warns Of Russian Cyberattack On Us Infrastructure

A digital abstract image with binary code and a stylized key indicating encryption, cybersecurity, or data protection.

January 26, 2022 | CSD Team

As tensions escalate along the Ukraine and Russian border, the Department of Homeland Security (DHS) and the Cybersecurity and Infrastructure Security Agency (CISA) have issued warnings that Russia could conduct a cyberattack against public infrastructure the United States if it feels threatened by U.S. actions in response to a possible Russian invasion of Ukraine.

According to a DHS Intelligence and Analysis bulletin obtained by CBS News, the U.S. government warns that Russia would consider a cyberattack if a US or NATO response to a possible Russian invasion threatened long-term security. An attack could range from low-level denials-of-service to destructive attacks targeting critical infrastructure. The bulletin goes on to detail the validity of the threat saying Russia “almost certainly considers cyberattacks an acceptable option to respond to adversaries.”

Citing a series of recent cyberattacks conducted against Ukraine’s public and private infrastructure, including a slew of malware that affected websites and wiped out and corrupted data from Windows and Linux based systems, DHS and Microsoft have urged public and private groups in the U.S. to proactively protect their infrastructure against malware attacks.

According to Microsoft, the malware that was discovered in Ukraine is designed to look like ransomware but lacks a ransom recovery mechanism. It is designed to render devices inoperable instead of trying to obtain a ransom.

In order to prepare for an attack, CISA issued the following mitigations that can help organizations improve their functional resilience by reducing the risk of compromise or sever business degradation:

Be prepared. Confirm reporting processes and minimize personnel gaps in IT/OT security coverage. Create, maintain, and exercise a cyber incident response plan, resilience plan, and continuity of operations plan so that critical functions and operations can be kept running if technology systems are disrupted or need to be taken offline.
Enhance your organization’s cyber posture. Follow best practices for identity and access management, protective controls and architecture, and vulnerability and configuration management.
Increase organizational vigilance. Stay current on reporting on this threat. Subscribe CISA’s mailing list and feeds to receive notifications when CISA releases information about a security topic or threat.

For more information on preparing for and mitigating cyber threats, visit cisa.gov

In addition, CSD Pool members have free access to NetDiligence’s eRisk Hub , a cyber portal designed to help your organization prepare for future threats or respond to an attack. To sign up for free, visit eriskhub.com/csdpool. Use the access code 09746 for access.

If you have any other questions, please email info@csdpool.org.

Website Accessibility Statement

Colorado Special Districts Property and Liability Pool (the "District") is committed to ensuring that its services are accessible to all members of the public. As part of this commitment, the District strives to provide an accessible website compatible with the Web Content Accessibility Guidelines (WCAG) version 2.1, AA, and commercial screen reading software. Features of the website are created to allow individuals with vision and other impairments to understand and use the website to the same degree as someone without disabilities.

If you need any special assistance or accommodations:

Contact our compliance support team via telephone at: (888) 765-1970

Ongoing Compliance Information

Compliance Coordinator

The District has designated a Compliance Coordinator for website disability-related accommodations. The Compliance Coordinator has received training in website accessibility and updates the site in accordance with those best practices and requirements.

Compliance Procedures

The District is working to ensure all website content complies with the Americans with Disabilities Act and controlling State laws. In an ongoing effort to continually improve and remediate accessibility issues, the website is regularly scanned to ensure ongoing compliance, and timely changes are made to any inaccessible content if found.

Accessible Documents Policy

The District is committed to providing all documents hosted on the website in an accessible format or making accessible alternatives available.

Linked Documents and Third Parties

Please note that this site may link out to third-party websites that do not have accessible content. This site may also include documents provided by third parties. While we cannot control the accessibility of content provided by third parties, we are happy to assist any member of the public with reading and accessing content on our site.

Report a Website Accessibility Issue

We are committed to your ability to access all content, and we will respond to all requests in a timely manner. If you need assistance or accommodations while accessing content on this website, please contact our Compliance Coordinator via the form below: