The Department of Homeland Security has warned state and local governments as well as private infrastructure operators that Russia could launch a cyber attack if it perceives a threat to its “long-term national security” in the US or NATO’s response to a potential invasion of Ukraine, according to a new report Monday.
“Russia maintains a range of offensive cyber tools that it could employ against US networks — from low-level denials-of-service to destructive attacks targeting critical infrastructure,” the department said in a Jan. 23 memo obtained by CNN.
DHS analysts concluded that Moscow’s capability to launch disruptive or destructive cyber attacks on the US “probably remains very high” amid heightened tensions over possible Kremlin military action in eastern Europe.
”[W]e have not observed Moscow directly employ these types of cyber attacks against US critical infrastructure — notwithstanding cyber espionage and potential prepositioning operations in the past,” it said.
Russian President Vladimir Putin has amassed more than 100,000 troops along the country’s border with Ukraine, and the US and its western allies have warned an invasion could come at any time.
Fearing retaliatory attacks in the form of cyber incursions, the Treasury Department has held a classified briefing for US banks, while the Energy Department has briefed the country’s largest electric utility companies, CNN reported Monday.
The Cybersecurity and Infrastructure Security Agency, a component of DHS, last week issued a memo saying every organization in the US is at risk of cyber threats, noting a series of recent attacks on government agencies and information technology companies in Ukraine.
Computer systems in that country were infected with destructive malware disguised as ransomware, and the attack defaced government websites to display a message telling users to “be afraid and expect the worst.”
“This CISA Insights is intended to ensure that senior leaders at every organization in the United States are aware of critical cyber risks and take urgent, near-term steps to reduce the likelihood and impact of a potentially damaging compromise,” the agency said, laying out a number of steps to reduce cyber intrusions.
Russian-backed hackers are suspected of being behind 2020’s massive SolarWinds attack that targeted scores of US government agencies — including DHS, the Pentagon and the Justice Department — as well as hundreds of businesses around the world.