As the conflict between Russia and Ukraine continues to progress, the risk of large cyber attacks in the U.S. remains top of mind for many organizations. Since the U.S. has openly shown its support of Ukraine, the entire country is a target for Russian-backed attacks. Ukrainian government websites have been taking a huge hit from these attacks. Currently, there have been no real threats to the U.S., but experts urge government agencies and organizations to stay vigilant.
Whatever the case may be, the U.S. is prepared to retaliate if it receives a major cyber attack first. In doing so, the government has expressed that they do not want to negatively impact Russian citizens’ lives. Retaliation will be more of a warning to deter further attacks. But we might see this coming into play soon. In recent news, Chinese allies of Russia have begun attacking European targets. As the threats continue to expand outwards, the time to harden up cybersecurity in the United States is now.
The Importance of Cybersecurity
Cybersecurity experts are saying that cyber attacks are one of the biggest threats to U.S. security. Unfortunately, unlike physical combat, the United States government and military cannot protect organizations from cyberwarfare. The government can, however, encourage strong cybersecurity practices. Essentially, protecting against cyber attacks is each organization’s individual responsibility. According to an expert, the private sector is not prepared for attacks that may come along with this war. Regarding this sector, President Biden shared, “You have the power, the capacity, and the responsibility to strengthen the cybersecurity and resilience of the critical services and technologies on which Americans rely.” Whether in the public or private sector, leaders need to understand how their cybersecurity practices could protect or harm the U.S. and its people.
In recent years, we have seen damaging cyber attacks believed to come from Russia, for instance the attacks on the Colonial Pipeline, SolarWinds, and JBS Foods. In total, 60% of state-sponsored attacks in 2021 can be attributed to Russia. An attack at this scale isn’t unlikely, especially for the U.S. sectors listed below.
Who Is Most At Risk
The financial services sector is critical to the U.S. economy. Currently, attacks in this sector following sanctions on Russia have been “subtle but intensified.” But so far, there have been no attacks large enough to cause concern. Some of the attack types that financial services are most at risk of are distributed denial of service (DDoS) attacks and Trojans.
A DDoS attack aims to disrupt a server’s normal traffic by flooding it with internet traffic. The attacker uses a network of malware-infected devices (bots) to overwhelm the target and deny service to legitimate traffic.
A Trojan is an attack that is designed to deceive people into downloading malware and/or providing password information. An example of this would be a fake log-in page for your bank’s website that overlays on top of the actual page.
Along with financial services, the energy sector is one of the most at risk of being attacked. Physical attacks on the electric grid in the past have shown how easy it is to knock out the power for Americans. Out of the 55,000 substations across the U.S. that house transformers, only nine would need to be taken out to put the entire nation in a blackout.
Also, Russia has proven they can take down electric grids with a cyber attack. In 2015, Russia took out 60 of Ukraine’s substations with a cyber attack, leaving hundreds of thousands of people without electricity. The problem is that there is no sole controller of the entire U.S. electric grid. Currently, there are about 3,000 different public and private companies that own different parts of the grid. There is no way to ensure consistent cybersecurity of the U.S. electric grid, and very few people are prepared to survive without it.
All the details of these reports, along with more information, can be found in a CBS interview with electric grid experts.
Within the U.S. government, the Department of Defense (DoD) is the most at risk of a damaging attack. The DoD is the largest U.S. government agency and is in control of the country’s military forces. Government contractors who provide critical products or services to the U.S. government are also at risk. The Defense Industrial Base (DIB) oversees supplies and weapons for the U.S. military.
The most imminent threat to the government side is wiper malware. A wiper erases (wipes) the hard drive of the device it infects. At this time, there are three prominent wipers: WhisperGate, HermeticWiper, and IsaacWiper. All three of these have been seen in attacks on Ukrainian government websites.
Other Critical Infrastructure
In President Biden’s Statement on our Nation’s Cybersecurity, he shares, “Most of America’s critical infrastructure is owned and operated by the private sector and critical infrastructure owners and operators must accelerate efforts to lock their digital doors.” Services such as transportation, water and waste, manufacturing, healthcare, communication, food and agriculture, and insurance are at risk of being disrupted. These sectors may not be used to cyber threats, and therefore are not prepared to defend against a cyber attack.
It should be noted that in the end, every sector, industry, and company is more at risk of a cyber attack than before this conflict started.
What You Can Do
Zero Trust Security
If you are a government agency or work in critical infrastructure, you likely have a huge target on your back. Implementing a Zero Trust security framework is a must during these uncertain and tense times. Zero Trust aims to stop threats before they occur by never trusting and always verifying. With this framework applied to your organization, you can help minimize the impact of potential threats. It is every organization’s responsibility to be doing what they can to protect the nation and its citizens.
For a more in-depth look at the Zero Trust security framework, check out our free whitepaper.
Cybersecurity Maturity Model Certification (CMMC)
If you are a government contractor, there has never been a more important time for you to get CMMC certified. By being prepared for certification now, you can begin protecting your organization from upcoming threats. The nation’s security relies on government contractors keeping its federal contract information (FCI) and controlled unclassified information (CUI) secure.
For more information on CMMC, check out our Roadmap to CMMC.
Implement Risk Matrix
Assess your cybersecurity hygiene and possible vulnerabilities. After recognizing gaps, create a risk matrix to determine what the highest priorities are based on how big of an impact they would have on security and how likely a threat is to occur. Make sure you have a plan for how to deal with each category of risks (low, medium, high).