Russia is known to have a fearsome army of state-backed hackers, but its involvement in the Russia-Ukraine war has so far been limited.
Now, American business leaders are being warned to strengthen their defenses because evolving intelligence suggests Russia could conduct malicious cyber activity against American companies and critical infrastructure.
The Potential of Russian Cyber Attacks in Ukraine
When Russian forces crossed the border to Ukraine on February 24, 2022, most people familiar with the military doctrine of the Russian Federation were expecting Russian state-sponsored cyber operation activity to rapidly escalate and target critical parts of Ukrainian infrastructure.
We’re now a month in the invasion, and the Viasat outage, which resulted in the disruption of broadband satellite internet access in Ukraine, is still the only major example of Russia utilizing its electronic warfare capabilities.
That’s surprising because Russia has been hitting Ukraine with cyber attacks on a regular basis ever since it invaded and subsequently annexed the Crimean Peninsula from Ukraine in February and March 2014, disrupting Ukraine’s electricity grid, infecting computers with destructive malware, and more.
Why hasn’t Russia conducted more cyber attacks against Ukraine to support its struggling military forces? There are many possible explanations, with one of them being that significant cyber attacks take a long time to organize. Since we know that Russia initially expected to take over Ukraine in a matter of days, it’s possible that Russian forces’ top brass saw no need for them.
But the invasion is not going according to plan, and Russia is feeling the weight of the sanctions imposed on it by Ukraine’s western allies, with the United States leading the way. These factors could be enough to wake up the sleeping bear that is Russia’s cyber warfare capacity, and new intelligence suggests that’s exactly what’s happening.
On March 21, 2022, President Joe Biden warned American business leaders to strengthen their cyber defenses because of Russia, revealing that Russia could be actively exploring options for potential cyberattacks.
“The magnitude of Russia’s cyber capacity is fairly consequential, and it’s coming,” said Biden at the Business Roundtable Quarterly Meeting in Washington. “One of the tools [Putin’s] most likely to use, in my view—in our view—is cyber attacks. They have a very sophisticated cyber capability.”
While the Biden administration has refrained from sharing specific details, national security adviser Anne Neuberger revealed during a recent White House briefing that Russia had been conducting what she described as preparatory activities for cyber attacks.
It’s likely that the preparatory activities involved large-scale scanning of devices connected to the public internet for software vulnerabilities. The next step would be to actually start exploring vulnerable devices for various nefarious purposes.
Most vulnerabilities can be quickly patched, so both targeted and massive cyber attacks are most effective when they’re well-orchestrated and unexpected.
The Biden administration has been modernizing the Federal Government defenses and improving the security of widely-used technology, but it’s aware that large swaths of America’s critical infrastructure are owned and operated by the private sector.
“[It’s] a patriotic obligation that you invest as much as you can in making sure—and we will help in any way—that you have built up your technological capacity to deal with cyber attacks,” Biden told business leaders.
In addition to the warning to American business leaders, the administration has provided several actionable steps, encouraging all private sector organizations to take them with urgency.
The steps include some of the most commonly recommended cybersecurity best practices, such as the use of multi-factor authentication, the creation of backups of all important data, the deployment of modern security tools on all endpoints, data encryption, cybersecurity awareness training, and others.
Organizations are also urged to proactively engage with their local FBI field office or CISA Regional Office to establish relationships in advance of any cyber incidents.
To implement these and other cybersecurity best practices, organizations with limited IT capabilities can partner with cybersecurity-savvy managed service providers like us at Aligned Technology Solutions.
We at Aligned are here to help you secure your business against all cyber threats, including those coming from Russia. Call (703) 740-8797 or fill out our contact form today to book a consultation.