June 1, 2022 By Jennifer Gregory 2 min read

U.S. Cybersecurity and Infrastructure Security Agency (CISA) Director Jen Easterly highlighted the importance of defending against Russian cyberattacks in a recent interview. 

“We are seeing evolving intelligence about Russians planning for potential attacks,” she told 60 Minutes. “We have to assume that there is going to be a breach, there is going to be an incident, there is going to be an attack.”

When asked why the average American should be concerned, she responded that everything we do in our daily life – pumping gas, buying food, using an ATM, power, water and communication – all depend on critical infrastructure. Easterly explained that this critical infrastructure is what is at potential risk.

“We are seeing Russian state actors scanning, probing, looking for opportunity, looking for weaknesses on critical infrastructure, on businesses,” Easterly said. “Think of it as a burglar going around trying to jiggle the lock in your house door to see if it’s open.

Precedent set for nation-state attacks

“I think we are dealing with a very dangerous, very sophisticated, very well-resourced cyber actor,” said Easterly.

When asked about sectors likely to be targeted, Easterly said the Russian playbook includes targeting the energy sector. Robert Lee, former National Security Agency hacker and co-founder of cybersecurity company Dragos, added that Russia is the only country that has expertise in taking down cyber powers.

In 2015, Lee looked into an attack where the Russian state broke into three different Ukraine power companies. In the end, the attack took over 60 substations off the grid in the dead of winter. This caused blackouts for over 225,000 customers. Easterly also discussed rumors that the financial services industry was a target. She explained that this was likely to strike back over sanctions against Russia.

CISA’s answer: National awareness campaign

In April, CISA launched Shields Up, a national campaign aimed to increase awareness and share information about potential attacks. Social media campaigns have focused on getting consumers to update software apps and use multifactor authentication on their phones. The Shields Up website provides time-sensitive updates about the threat of a Russian cyberattack. Easterly cautions that the Shields Up website is about being ready and not about making people panic. Instead, she wants everyone to assume that cyber threats will happen and to prepare. The website also provides guidance for organizations, including:

  • Reduce the likelihood of a damaging cyber intrusion
  • Take steps to quickly detect a potential intrusion
  • Ensure that the organization can respond if an intrusion occurs
  • Maximize resilience to a destructive cyber incident.

By getting the word out to businesses and the general public, the U.S. can be more prepared for a potential nation-state cyberattack and ideally prevent it from happening.

If you have questions and want a deeper discussion about the malware and prevention techniques, you can schedule a briefing here. Get the latest updates as more information develops on the IBM Security X-Force Exchange and the IBM PSIRT blog.

If you are experiencing cybersecurity issues or an incident, contact X-Force to help: US hotline 1-888-241-9812 | Global hotline (+001) 312-212-8034.

More cybersecurity threat resources are available here.

More from News

Cyberattack on American Water: A warning to critical infrastructure

3 min read - American Water, the largest publicly traded United States water and wastewater utility, recently experienced a cybersecurity incident that forced the company to disconnect key systems, including its customer billing platform. As the company’s investigation continues, there are growing concerns about the vulnerabilities that persist in the water sector, which has increasingly become a target for cyberattacks. The breach is a stark reminder of the critical infrastructure risks that have long plagued the industry. While the water utility has confirmed that…

CISA and FBI release secure by design alert on cross-site scripting 

3 min read - CISA and the FBI are increasingly focusing on proactive cybersecurity and cyber resilience measures. Conjointly, the agencies recently released a new Secure by Design alert aimed at eliminating cross-site Scripting (XSS) vulnerabilities, which have long been exploited to compromise both data and user trust. Cross-site scripting vulnerabilities occur when a web application improperly handles user input, allowing attackers to inject malicious scripts into web pages that are then executed by unsuspecting users. These vulnerabilities are dangerous because they don't attack…

Has BlackCat returned as Cicada3301? Maybe.

4 min read - In 2022, BlackCat ransomware (also known as ALPHV) was among the top malware types tracked by IBM X-Force. The following year, the threat actor group added new tools and tactics to enhance BlackCat's impact. The effort paid off — literally. In March 2024, BlackCat successfully compromised Change Healthcare and received a ransom payment of $22 million in Bitcoin. But here's where things get weird: Immediately after taking payment, BlackCat closed its doors, citing "the feds" as the reason for the…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today