June 1, 2022 By Jennifer Gregory 2 min read

U.S. Cybersecurity and Infrastructure Security Agency (CISA) Director Jen Easterly highlighted the importance of defending against Russian cyberattacks in a recent interview. 

“We are seeing evolving intelligence about Russians planning for potential attacks,” she told 60 Minutes. “We have to assume that there is going to be a breach, there is going to be an incident, there is going to be an attack.”

When asked why the average American should be concerned, she responded that everything we do in our daily life – pumping gas, buying food, using an ATM, power, water and communication – all depend on critical infrastructure. Easterly explained that this critical infrastructure is what is at potential risk.

“We are seeing Russian state actors scanning, probing, looking for opportunity, looking for weaknesses on critical infrastructure, on businesses,” Easterly said. “Think of it as a burglar going around trying to jiggle the lock in your house door to see if it’s open.

Precedent set for nation-state attacks

“I think we are dealing with a very dangerous, very sophisticated, very well-resourced cyber actor,” said Easterly.

When asked about sectors likely to be targeted, Easterly said the Russian playbook includes targeting the energy sector. Robert Lee, former National Security Agency hacker and co-founder of cybersecurity company Dragos, added that Russia is the only country that has expertise in taking down cyber powers.

In 2015, Lee looked into an attack where the Russian state broke into three different Ukraine power companies. In the end, the attack took over 60 substations off the grid in the dead of winter. This caused blackouts for over 225,000 customers. Easterly also discussed rumors that the financial services industry was a target. She explained that this was likely to strike back over sanctions against Russia.

CISA’s answer: National awareness campaign

In April, CISA launched Shields Up, a national campaign aimed to increase awareness and share information about potential attacks. Social media campaigns have focused on getting consumers to update software apps and use multifactor authentication on their phones. The Shields Up website provides time-sensitive updates about the threat of a Russian cyberattack. Easterly cautions that the Shields Up website is about being ready and not about making people panic. Instead, she wants everyone to assume that cyber threats will happen and to prepare. The website also provides guidance for organizations, including:

  • Reduce the likelihood of a damaging cyber intrusion
  • Take steps to quickly detect a potential intrusion
  • Ensure that the organization can respond if an intrusion occurs
  • Maximize resilience to a destructive cyber incident.

By getting the word out to businesses and the general public, the U.S. can be more prepared for a potential nation-state cyberattack and ideally prevent it from happening.

If you have questions and want a deeper discussion about the malware and prevention techniques, you can schedule a briefing here. Get the latest updates as more information develops on the IBM Security X-Force Exchange and the IBM PSIRT blog.

If you are experiencing cybersecurity issues or an incident, contact X-Force to help: US hotline 1-888-241-9812 | Global hotline (+001) 312-212-8034.

More cybersecurity threat resources are available here.

More from News

Can memory-safe programming languages kill 70% of security bugs?

3 min read - The Office of the National Cyber Director (ONCD) recently released a new report, “Back to the Building Blocks: A Path Toward Secure and Measurable Software." The report is one of the first major announcements from new ONCD director Harry Coker and makes a strong case for adopting memory-safe programming languages. This new focus stems from the goal of rebalancing the responsibility of cybersecurity and realigning incentives in favor of long-term cybersecurity investments. Memory-safe programming languages were also included as a…

CISA hit by hackers, key systems taken offline

3 min read - The Cybersecurity and Infrastructure Security Agency (CISA) — responsible for cybersecurity and infrastructure protection across all levels of the United States government — has been hacked. “About a month ago, CISA identified activity indicating the exploitation of vulnerabilities in Ivanti products the agency uses,” a CISA spokesperson announced. In late February, CISA had already issued a warning that cyber threat actors are exploiting previously identified vulnerabilities in Ivanti Connect Secure and Ivanti Policy Secure gateways. Ivanti Connect Secure is a…

DOJ’s crackdown: A brief look at hacker group takedowns

3 min read - The Department of Justice (DOJ) is ramping up efforts focused on disrupting cyber criminal organizations operating within and outside of United States borders. The dismantling of Volt Typhoon, a prolific hacker collective, marked a turning point in the DOJ's offensive against cyber crime syndicates. The group was notorious for its brazen cryptocurrency scams and heists. Through coordinated global law enforcement efforts, individuals linked to the organization were apprehended, assets were frozen and critical infrastructure was seized. The success of the…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today