The US Watches Warily for Russia-Ukraine Tensions to Spill Over

In recent weeks, nearly every corner of the US government has been brought to bear on that same question: The Transportation Security Administration, which oversees pipeline security, in addition to its better-known role of passenger screening at airports, has issued directives to pipeline companies; the Environmental Protection Agency has recently hosted two webinars for more than 400 water utilities about necessary security steps; and the Department of Energy held comparable, CEO-level briefings for energy companies.

More public-facing government efforts have come in the form of a mid-January advisory from CISA, NSA, and the FBI outlining common tactics and techniques for Russian cyber operations, ranging from preferred Cisco routers to Microsoft Exchange vulnerabilities. Last week, those agencies issued another joint advisory, along with international counterparts from Australia and the UK, highlighting the proliferation of ransomware attacks against critical infrastructure in 2021. While the advisory never specifically mentions Russia, many of the worst attacks of 2021 stemmed from Russia-based groups like REvil.

Russia has long treated its neighbor Ukraine as a real-world sandbox to test cyberattacks. In 2015, it brought down the country’s power grid. In 2017, it set loose the NotPetya ransomware, which corrupted Ukrainian tax software and went on to cause as much as $10 billion in damage to international companies that did business in the country. The shipping company Maersk saw some 80,000 computers destroyed; FedEx suffered nearly half a billion dollars in damage; the drug company Merck saw upwards of $800 million in losses.

A more recent attack came in mid-January, as dozens of Ukraine government websites were knocked offline and defaced, replacing the sites with text that warned, “Be afraid and expect the worst.” While that attack may have originated from Russian ally Belarus, subsequent destructive malware hit Ukrainian systems, posing as ransomware but deleting data. US officials have also warned of “specific, credible” threats against Ukraine’s critical infrastructure. On Tuesday, an apparent DDoS attack hit the websites of Ukraine’s Ministry of Defense, Armed Forces, and two major banks, although it’s unclear who’s responsible.

The US government has long been intimately involved in helping understand and mitigate Ukraine’s cyber risk, collaboration that it hopes will also help understand and mitigate threats to the homeland. US Cyber Command has conducted what it calls “hunt forward” missions in Ukraine, deploying teams to the country to search for malware as part of a strategy known as “persistent engagement,” developed by its commander, General Paul Nakasone, that attempts to keep the US in constant contact with its primary adversaries in the most active arenas in cyberspace.

On the civilian side, CISA works closely with Ukrainian cybersecurity agencies, and the US Agency for International Development has for years run large-scale, multi-million-dollar programs to help Ukraine protect its own critical infrastructure against cyberattacks. “We’ve also more recently, as you can imagine, been communicating with CERT-Ukraine to provide reports of possible activity targeting Ukrainian organizations, including Ukrainian government agencies,” Easterly says, referring to the country’s computer emergency response team. “We are standing in to be able to be helpful for them.”

Red Lines

Conversations with more than a dozen senior cybersecurity leaders across the US government, tech companies, and the private sector in recent weeks—many of whom asked to speak anonymously in order to candidly discuss a dynamic threat environment—outlined major areas of risk they’re collectively watching where Russia has already demonstrated a sometimes brutal effectiveness online.

While many expect Russia to deploy information operations regionally, including both disinformation and perhaps even hack-and-leak operations similar to those it used to target the 2016 US presidential elections, the two leading threats are a scourge of ransomware and so-called collateral damage. “Looking back at NotPetya, that’s a huge cautionary tale,” Easterly says, pointing to the many US companies or Western subsidiaries who do business in Ukraine and thus have interlocked digital systems.
