U.S. Cybersecurity and Infrastructure Security Agency (CISA) Director Jen Easterly highlighted the importance of defending against Russian cyberattacks in a recent interview.
“We are seeing evolving intelligence about Russians planning for potential attacks,” she told 60 Minutes. “We have to assume that there is going to be a breach, there is going to be an incident, there is going to be an attack.”
When asked why the average American should be concerned, she responded that everything we do in our daily life – pumping gas, buying food, using an ATM, power, water and communication – all depend on critical infrastructure. Easterly explained that this critical infrastructure is what is at potential risk.
“We are seeing Russian state actors scanning, probing, looking for opportunity, looking for weaknesses on critical infrastructure, on businesses,” Easterly said. “Think of it as a burglar going around trying to jiggle the lock in your house door to see if it’s open.”
Precedent set for nation-state attacks
“I think we are dealing with a very dangerous, very sophisticated, very well-resourced cyber actor,” said Easterly.
When asked about sectors likely to be targeted, Easterly said the Russian playbook includes targeting the energy sector. Robert Lee, former National Security Agency hacker and co-founder of cybersecurity company Dragos, added that Russia is the only country that has expertise in taking down cyber powers.
In 2015, Lee looked into an attack where the Russian state broke into three different Ukraine power companies. In the end, the attack took over 60 substations off the grid in the dead of winter. This caused blackouts for over 225,000 customers. Easterly also discussed rumors that the financial services industry was a target. She explained that this was likely to strike back over sanctions against Russia.
CISA’s answer: National awareness campaign
In April, CISA launched Shields Up, a national campaign aimed to increase awareness and share information about potential attacks. Social media campaigns have focused on getting consumers to update software apps and use multifactor authentication on their phones. The Shields Up website provides time-sensitive updates about the threat of a Russian cyberattack. Easterly cautions that the Shields Up website is about being ready and not about making people panic. Instead, she wants everyone to assume that cyber threats will happen and to prepare. The website also provides guidance for organizations, including:
- Reduce the likelihood of a damaging cyber intrusion
- Take steps to quickly detect a potential intrusion
- Ensure that the organization can respond if an intrusion occurs
- Maximize resilience to a destructive cyber incident.
By getting the word out to businesses and the general public, the U.S. can be more prepared for a potential nation-state cyberattack and ideally prevent it from happening.
If you have questions and want a deeper discussion about the malware and prevention techniques, you can schedule a briefing here. Get the latest updates as more information develops on the IBM Security X-Force Exchange and the IBM PSIRT blog.
If you are experiencing cybersecurity issues or an incident, contact X-Force to help: US hotline 1-888-241-9812 | Global hotline (+001) 312-212-8034.
More cybersecurity threat resources are available here.