RUSSIA AND UKRAINE AT WAR AND YOU MAY BE AT RISK
BY ZACH CROSMAN AND COLLIN PARSONS
Russia and Ukraine Cyber Warfare
Russia and Ukraine have had ongoing conflict over the last decade. With the current events escalating between Russia and Ukraine it is crucial to keep an eye on cybersecurity risks and attacks. Although the tensions are at a peak, Russian cyber attacks have been ongoing since 2015. In 2017 the Russian APT, Sandworm, launched an attack against Ukraine that would end up being the largest cyber attack in history. Russia was able to install a backdoor into a finance software that is used in most businesses in Ukraine. This destructive malware spread across the network and destroyed data on all systems. Within a short period of time it took down financial systems, pharmaceutical companies, shipping companies, and other critical systems. Even though this was a major attack, Russia has since launched many other attacks against Ukraine over the last seven years. As tensions continue to rise and Russia continues warfare against Ukraine, the risk of more cyber attacks is extremely high.
On February 24th 2022, Russia launched an invasion of Ukraine. Cyber operations have become increasingly more important for nations around the globe due to the interconnected nature of our modern world. The ability to protect critical assets while also having offensive capabilities are essential for militaries during wartime. With attack vectors and limits of technology always changing, it is difficult to say what new method will be used to gain advantages during conflict. Additionally, attacks specifically crafted to exploit financial institutions, infrastructure, and individuals may be even more effective at gaining tactical advantages. Nations are becoming more creative and thoughtful in the way that they attack targets in order to achieve a certain objective. With this being said, it is safe to say that the intelligence gathered from cyber missions can be leveraged to make decisions that have lasting and dramatic impact. Some more obscure areas prone to security risks in recent history include (but are not limited to) weather/event alert systems, vehicles, and IoT devices.
Risks to United States
Since the Russia and Ukraine battle is still in the very early stages, it is hard to tell how the United States may be affected by possible cyber attacks. However, if the US continues to get more involved, it will be essential to stay alert and up to date on security and current events. Attacks over the last few years have shown that the US has critical infrastructure that is vulnerable to cybersecurity attacks. A recent example of that would be the Colonial Pipeline that was attacked by the DarkSide ransomware group. This attack brought down a critical pipeline that supplies the southeast US for almost a whole week. Critical infrastructure in the US has a very large attack surface. CISA states that there are 16 critical infrastructure sectors, all of which are vital to the United States. Some possible effects of attacks on this infrastructure include disabling financial systems, disabling power in the region, limiting capabilities of hospitals, poisoning the water supply, or disabling communications. Security has been prioritized in these sectors, but they are often a bigger target because of the damage that can be caused. With the amount of resources nation states have, the risk will always be high in these sectors during cyber warfare. The whole country is extremely reliant on technology that even a small disturbance can lead to disaster. Even if the current events deescalate before US infrastructure gets targeted, cybersecurity warfare will become more common and threats like these could become the new norm.
Within the last week DHS warned all organizations to be prepared from possible cyber threats from Russia. CISA (Cybersecurity & Infrastructure Security Agency) also released guidance earlier this month called Shields Up that assists organizations to reduce its risk. If your company is interested in protecting its infrastructure, contact our team for assistance at www.sixgen.io.