
Potential for Russian cyberattack against U.S. ‘not to be taken lightly’



A report suggesting that Russia might be eyeing a cyberattack against U.S. infrastructure, amid tensions between the countries over Ukraine, should not be ignored by the cybersecurity community.

Today, CNN reported that it had viewed a Department of Homeland Security (DHS) intelligence bulletin on the topic. The bulletin suggested that in the event Russia invades Ukraine, a U.S. or NATO response to the invasion might prompt a cyber offensive from Russia against targets located in the U.S.

The attacks could range “from low-level denials-of-service to destructive attacks targeting critical infrastructure,” according to the January 23 bulletin, as cited by CNN.

Kevin Breen, director of cyber threat research at Immersive Labs, said in an email statement that “the latest DHS intelligence bulletin warning of a potential Russian cyber attack on the U.S. is not something to be taken lightly.”

“We’ve seen notable ransomware groups operating out of that region, including REvil and DarkSide, with the technical ability to compromise large networks rapidly and at great scale,” Breen said. “It would be wrong to assume that the nation state housing such criminal elements doesn’t have a matching capability.”

Other ransomware gangs known to operate in Russia include Conti, known for “attacking organizations where IT outages can have life-threatening consequences: hospitals, 911 dispatch carriers, emergency medical services, and law enforcement agencies,” according to a report last June from Palo Alto Networks’ Unit 42 research group.

High threshold for an attack

Still, the DHS memo suggested that Russia “probably” maintains a “very high” threshold for carrying out a destructive cyberattack against targets in the U.S., CNN reported.

“[W]e have not observed Moscow directly employ these types of cyber attacks against US critical infrastructure—notwithstanding cyber espionage and potential prepositioning operations in the past,” the DHS bulletin said, according to CNN.

Breen noted that “an attack of significant magnitude, including a deliberate attack on U.S. critical infrastructure, would almost certainly have wider geopolitical consequences.”

“With this new bulletin, the Department of Homeland Security is working on the basis that to be forewarned is to be forearmed – and preparation is key,” he said.

The DHS bulletin was distributed to operators of critical infrastructure in the U.S., as well as to state and local governments, according to CNN.

Uncertainty

Ken Westin, director for security strategy at Cybereason, said his biggest concern about Russia is that it appears to have “an arsenal of zero day exploits at the ready, as well as initial access to targets already.”

Still, zero days that they possess would likely be used on initial execution, “so there is risk in Russia deploying them and exposing their capabilities,” he said.

Ultimately, though, there remains a large amount of uncertainty around both the intentions and full capabilities of Russia’s offensive cyber operations—and there’s no reason at this point to assume a cyberattack against targets in the U.S. is inevitable, Westin said.

“The intelligence alerts and briefings for critical infrastructure and banks are being done out of an abundance of caution to prepare organizations for what could happen, not necessarily what will happen,” he said.
