Ukraine war sanctions could spur Russian cyberattacks on U.S., expert warns

As Russian tanks rolled into Ukraine last week, military and security experts anticipated both conventional warfare attacks — missiles, bombs, gunfire — and devastating cyber strikes targeting Ukraine's critical infrastructure as well as digital networks in allied countries.



Indeed, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued a "shields up" alert well ahead of Russia's invasion of Ukraine on February 23, warning IT departments everywhere to monitor for suspicious activity that could disrupt their business or government operations. The technology consulting firm Wedbush affirmed the alert and issued a report warning U.S. financial institutions, enterprise data centers and logistics companies to prepare for Russia-directed cyberattacks.


Aside from a handful of denial of service attacks and wiper malware that deletes data, the Kremlin's formidable hacker army has remained relatively quiet since the invasion. But don't expect Russian restraint to last, said Chris Krebs, partner at the Krebs Stamos Group and former head of CISA.


As the West's economic sanctions intensify and damage Russia's economy, Krebs explained, "you may see retaliation where the Russian government says, 'Hey, you're hitting our banks, so we're gonna go hit your banks.' It could be different techniques or even different actors, outside of official agencies" like ransomware gangs.

CBS MoneyWatch spoke with Krebs, who said Russian cyberattacks are not limited to Ukraine. "The internet has collapsed the spaces between us. So even though Ukraine seems very far away, every company should be on high alert." The interview below has been edited for clarity and brevity.


How might Russia target the U.S. with cyberattacks?

Chris Krebs: It's important to start off with the fact that there is no specific intelligence, as far as I know, to indicate any sort of attack is imminent. They're basing these advisories on a historic understanding of Russian cyber activity targeting the West. In Ukraine, they've gone after the power grid. In 2015 and 2016, the Russians disabled the electric grid in the dead of winter. Russia has also used other techniques, including using software supply-chain attacks. For example, the Russians were able to exploit accounting software and tunnel their way into global businesses.


Read the full article here.

17 views0 comments