It has been reported that the Department of Homeland Security (DHS) is warning that Russia may pursue a cyberattack against the US as tensions escalate over Moscow’s build-up of forces near the border with Ukraine. The DHS bulletin outlined that Russia could launch such an attack if it perceived any US or NATO response to be a threat to its own national security.
“We assess that Russia would consider initiating a cyberattack against the Homeland if it perceived a US or NATO response to a possible Russian invasion of Ukraine threatened its long-term national security,” the agency said in the bulletin released to law enforcement partners.
Russia has a number of cyber tools it could use to attack the US, ranging from ‘low-level denials-of-service to destructive attacks targeting critical infrastructure’. The bulletin says Russia ‘almost certainly considers cyberattacks an acceptable option to respond to adversaries’ because it lacks the ability to respond with the economic and diplomatic options often preferred by other countries.
Ken Westin, Director of Security Strategy at Cybereason, commented: “Neither organisations nor private citizens should panic due to the DHS bulletin, but should remain vigilant, identify what assets may be targeted, establish plans for Business Continuity and cyber-resilience, and pay attention to the news and threat intelligence if the situation escalates in the coming days.
“My concern with Russia today is that they have an arsenal of zero day exploits at the ready, as well as initial access to some targets already. However, any zero days they may possess will be ‘spent’ on initial execution, so there is risk in Russia deploying them and exposing their capabilities. The US and allies also have offensive cyber capabilities and businesses can be caught in the crossfire and be collateral damage. A key target may not just be critical infrastructure, but also our financial and healthcare systems or electricity grids to try and trigger a panic.
“While the risk of a Russian cyberattack is low, if DHS was aware of a threat and failed to notify law enforcement agencies and the public, the backlash after the fact could be significant. The uncertainty around both the intentions and full capabilities of Russia’s offensive cyber operations makes the situation more stressful for the government as well as businesses. The intelligence alerts and briefings for critical infrastructure and banks are being done out of an abundance of caution to prepare organisations for what could happen, not necessarily what will happen.”Click below to share this article