Potential for Russian cyberattack against U.S. ‘not to be taken lightly’

Did you miss a session from the Future of Work Summit? Head over to our Future of Work Summit on-demand library to stream.


A report suggesting it’s possible that Russia might be eyeing a cyberattack against U.S. infrastructure, amid tensions between the countries over Ukraine, should not be ignored by the cybersecurity community.

Today, CNN reported that it had viewed a Department of Homeland Security (DHS) intelligence bulletin on the topic. The bulletin suggested that in the event Russia invades Ukraine, a U.S. or NATO response to the invasion might prompt a cyber offensive from Russia against targets located in the U.S.

The attacks could range “from low-level denials-of-service to destructive attacks targeting critical infrastructure,” according to the January 23 bulletin, as cited by CNN.

Kevin Breen, director of cyber threat research at Immersive Labs, said in an email statement that “the latest DHS intelligence bulletin warning of a potential Russian cyber attack on the U.S. is not something to be taken lightly.”

“We’ve seen notable ransomware groups operating out of that region, including REvil and DarkSide, with the technical ability to compromise large networks rapidly and at great scale,” Breen said. “It would be wrong to assume that the nation state housing such criminal elements doesn’t have a matching capability.”

High threshold for an attack

Still, the DHS memo suggested that Russia “probably” maintains a “very high” threshold for carrying out a destructive cyberattack against targets in the U.S., CNN reported.

“[W]e have not observed Moscow directly employ these types of cyber attacks against US critical infrastructure—notwithstanding cyber espionage and potential prepositioning operations in the past,” the DHS bulletin said, according to CNN.

Breen noted that “an attack of significant magnitude, including a deliberate attack on U.S. critical infrastructure, would almost certainly have wider geopolitical consequences.”

“With this new bulletin, the Department of Homeland Security is working on the basis that to be forewarned is to be forearmed – and preparation is key,” he said.

The DHS bulletin was distributed to operators of critical infrastructure in the U.S., as well as to state and local governments, according to CNN.

Other ransomware gangs known to operate in Russia include Conti, known for “attacking organizations where IT outages can have life-threatening consequences: hospitals, 911 dispatch carriers, emergency medical services, and law enforcement agencies,” according to a report last June from Palo Alto Networks’ Unit 42 research group.

For instance, a May 2021 attack by Conti in Ireland “prompted the shutdown of the entire information technology network of the nation’s healthcare system – prompting cancellation of appointments, the shutdown of X-ray systems and delays in COVID testing,” the report said.

VentureBeat

VentureBeat’s mission is to be a digital town square for technical decision-makers to gain knowledge about transformative technology and transact. Our site delivers essential information on data technologies and strategies to guide you as you lead your organizations. We invite you to become a member of our community, to access:

  • up-to-date information on the subjects of interest to you
  • our newsletters
  • gated thought-leader content and discounted access to our prized events, such as Transform 2021: Learn More
  • networking features, and more

Become a member

Source

Leave a Reply

Your email address will not be published. Required fields are marked *