
The Current US Concern Over Cyberattacks Due to the Russian/Ukrainian Conflict

Mar 15, 2022

Russia has launched a military operation against Ukraine, which has, as expected, caused concern in global cyberspace. The conflict has created allies on both sides, with most of those involved possessing advanced cyberwarfare capabilities.

US authorities have expressed deep concern that the Russia-Ukraine conflict may adversely affect American cyber networks. Accordingly, major cybersecurity agencies have encouraged US organizations to beef up their cybersecurity defense measures regardless of industry or size.

“While there are not any specific, credible, cyber threats to the US, we encourage all organizations – regardless of size – to take steps now to improve their cybersecurity and safeguard their critical assets,” warned a statement from CISA (Cybersecurity and Infrastructure Security Agency). In this regard, the Biden administration asked Congress for a $10 billion emergency fund for defense, citing reasons such as the need to bolster Ukrainian cyber defense capabilities and strengthen the FBI’s “investigative and operational response to cyber threats stemming from the Russia threat and war on Ukraine.”

American intelligence officials informed Congress in the annual threat assessment that Russia is potentially waging cyberwar on countries perceived to be supporting Ukraine, undermining Russia’s interests, or threatening its stability. In particular, the annual threat report indicated that “Russia views cyber disruptions as a foreign policy lever to shape other countries’ decisions, as well as a deterrence and military tool.” Hence, there are growing concerns that the Russia-Ukraine conflict may cause Russia to launch cyber-attacks targeting critical infrastructure in the US and its allies.

Concerns Over Spillover Cyber Attacks

While there are no reports yet that cyber adversaries in the conflicting regions have directly targeted the United States, officials remain wary of the potential spillover of cyber warfare. Specifically, US authorities believe Russian cyberattacks targeting Ukraine may spill over and cause short- or long-term effects on other nations. This is because cyber networks and systems are invariably connected, and large-scale attacks may easily spread to other countries. For example, the 2017 Russian NotPetya ransomware attacks targeting Ukraine disrupted some of the world’s largest banks, container shipping companies, and power plants, resulting in more than $10 billion in damages worldwide. 

At the same time, there is no properly enforced regulation or standard that governs international cyber warfare. Therefore, with Russia threatening any country that helps Ukraine, it is unclear whether a spillover attack that spreads to NATO allies, such as the US, would prompt retaliation and invoke the alliance’s Article 5.

Also, a primary concern for the Biden administration is that Russia perceives sanctions as interference, which would draw a response from the Kremlin through methods like advanced persistent threats and ransomware attacks. For instance, the US is waiting to see how Putin will respond to the recent sanctions that ban all Russian energy, gas, and oil imports.

In addition, spillover attacks may result in harsher sanctions to hurt Russia’s economy and military agenda. But in recent weeks, numerous US companies have withdrawn from virtually all Russian economic sectors and ceased operations. Jason Harley, former defense director at the White House, opines that as Western countries sanction Russia more heavily, “it no longer has anything to fear from blowback.” Fears that Russia could strike numerous US organizations with destructive malware call for enhanced security across all endpoints, networks, and critical systems.

Russia's History of Cyber-Warfare

Russia has executed cyber-attacks worldwide over the years. The Kremlin has made allies ready to strike any enemy. One of Russia’s most notorious cybercrime syndicates, dubbed Conti, has publicly supported Russia’s Ukraine invasion and threatened anyone that interferes. “If anybody will decide to organize a cyberattack or any war activities against Russia, we are going to use all our possible resources to strike back at the critical infrastructures of an enemy,” the group recently announced. 

Before invading Ukraine, Russia first launched a devastating Internet war. The first instances were detected on January 13, when several organizations reported a destructive malware dubbed WhisperGate. As with NotPetya, the malware authors disguised it as ransomware. However, the malware did not provide an actual mechanism for paying a ransom or recovering encrypted files. On January 15, Microsoft reported WhisperGate as purely destructive malware.

Russia was also behind another data deletion malware called HermeticWiper, found by security researchers on February 23. The researchers revealed that the attackers had authored the malware in December, during the Russian military build-up along the Ukrainian border. The malware destroyed vast amounts of data, resulting in financial losses and service disruption.

In light of Russia’s history with cyberwarfare, US officials are worried that Russia could strike US organizations in response to the harsh US and NATO sanctions. Due to such events and the United States’ role in the conflict, the FBI and CISA issued a joint advisory warning of possible Russian cyber threats. In part, the advisory stated that “further disruptive cyberattacks against organizations in Ukraine are likely to occur and may unintentionally spill over to organizations in other countries.”

Cybersecurity Risks Will Continue to Escalate

As US officials continue warning of the imminent cyber threats from Russia and its allies, cybersecurity risks targeting the US will continue to escalate. The adverse impacts of attacks targeting Ukrainian businesses are already being felt worldwide, a fact that is causing business leaders to assess whether they could be affected. For example, a recent White House statement warned of potential supply chain vulnerabilities due to the US reliance on Ukrainian-sourced neon, a crucial component for the chip industry. Also, Russia exports critical elements used in agriculture and in manufacturing jet engines, semiconductors, and automobiles, further posing a significant security risk to the US.

It is also vital to note that the Russia-Ukraine conflict presents one of the most significant cybersecurity risks Western countries and the United States have ever faced. NATO countries have spearheaded a spirited campaign through the US-led comprehensive financial and economic sanctions, which Russia views as economic warfare. It is unlikely that Russia will stand by, and there are fears that it will respond asymmetrically by leveraging its considerable cyber capabilities. In fact, early exploitation attempts have already begun, with some vigilant US organizations detecting increased cyber probing. On the same note, US intelligence and security teams in the private and public sectors anticipate advanced threats from Russia, its allies, and affiliated cybercrime groups.

The Growing Importance of US Cybersecurity Firms

As the Russian-Ukrainian conflict continues to rage on, the US has promised financial and economic assistance to Ukraine. On the other hand, the prospect of a Russian-sponsored cyber-attack targeting US companies cannot be ignored. As a result, cybersecurity firms have become increasingly important in cyber preparation and penetration testing to identify and remediate vulnerabilities. Also, the Biden-led government has warned US companies to harden their cyber defenses in preparation for potential attacks. Leading cybersecurity companies and solutions providers have the requisite experts, resources, and tools to bolster an organization's cybersecurity posture.

Furthermore, Russia has a history of using cyber warfare to attack its adversaries during conflicts. Indeed, reports show that the Russian government and its affiliated cybercrime organizations targeted Ukraine with many cyberattacks before invading. CISA has already launched a website urging organizations operating critical infrastructure to implement sufficient protection controls in anticipation of Russian attacks. “Every organization — large and small — must be prepared to respond to disruptive cyber activity,” the website urges. Cybersecurity firms are therefore crucial to defending against cyber-attacks, and Pulsar Security has the capacity, resources, and experience to help enhance data protection and attack detection and response practices.

Pulsar Security Can Help

There’s no telling when the Russia-Ukraine conflict will end or whether it will escalate and become a global cyberwar. Thus, it is prudent to invest in offensive security solutions and services from the most competent experts. Pulsar Cyber Shield is one such solution that allows your company to perform dark web and vulnerability assessments. In addition, it has a continuous threat monitoring and alerting function to ensure you are always aware of your cybersecurity posture. 

Other essential Pulsar Security services include advanced penetration testing. Allowing Pulsar Security professionals to perform regular penetration tests ensures timely discovery and mitigation of cybersecurity vulnerabilities that may enable malicious cyber actors to compromise your data, networks, and internal systems. Vulnerability assessments are also an essential solution that reviews your users, networks, and systems to identify potential entry points and security weaknesses like misconfigurations, unpatched systems and applications, and suspicious user behavior.

Pulsar Security offers additional cybersecurity solutions critical to securing against cyber-attacks. These include dark web assessments, phishing simulation exercises, red teaming, and wireless network assessments, among others. Each service can help your organization bolster its defenses in light of the growing cyber threat from the Russia-Ukraine conflict. The highly experienced and qualified Pulsar Security team can help protect your business from any cyber threat.

Duane Laflotte

As CTO, Duane works to resolve complex technical issues for the team and its partners. He can be found at the bleeding edge of emerging technology and believes that continually feeding curiosity results in prolonged growth and creative solutions to complicated challenges. Duane is an expert technologist in the areas of cryptography, exploit development, networking, programming, and enterprise data storage. As an industry leader, Duane has worked with a wide array of Fortune 500, government, and military organizations (such as Disney, Bank of America, the FBI, SOCOM, DARPA, and the NHL) as a solutions architect, red team lead, and presales engineer. Duane is a highly accomplished engineer who has achieved expert-level certification as an Offensive Security Certified Expert (OSCE) among other credentials such as Offensive Security Certified Professional (OSCP), GIAC Exploit Researcher & Advanced Penetration Tester (GXPN), Certified Ethical Hacker (CEH), Microsoft Certified Professional, and Microsoft Technology Associate. Duane is an active FIRST Robotics volunteer and has coached teams which have earned the prestigious Chairman's Award.