The cyber war between Russia and Ukraine may have already begun. United States next?

As Russian tanks entered Ukraine and its missiles hit targets across the country, Russian hackers launched a wave of cyberattacks. In the weeks and days leading up to the Russian invasion, Ukrainian websites were spoiled as well as disabledand malware to delete data was released to government systems. While the physical attack may have come as a surprise to most, the virtual attack did not: Russia has been using its cyber weapons against Ukraine for years. Now the question for some is whether Russia will point its cyber weapons at the US and how the US will react to that.

According to President Biden’s address Thursday afternoon, the US can and will conduct cyberattacks on Russia, but only if Russia attacks the US first.

“If Russia continues cyberattacks on our companies, our critical infrastructure, we are ready to respond,” Biden said, adding that the government has been working with the private sector “for months” to prepare for and respond to Russian cyberattacks.

Biden’s comments suggest that the White House is seeking to present any possible US cyberattacks against Russia as retaliation for Russia’s first attack on the US, rather than a preemptive US move or retaliation for Russia’s attack on Ukraine. This view was also expressed when the administration abandoned NBC report arguing that even if Russia did not attack first, Biden was presented with options to use US cyberweapons against it “on a scale never before imagined.” Press Secretary Jen Psaki tweeted that the report was “incorrect” and “in no way reflects what is actually being discussed.”

While a Russian cyberattack on Ukrainian infrastructure is entirely possible — it has happened before — it is less clear that it will happen to the US. While many countries have cyber weapons, only a few, including the US, admit to using them. America counts the most powerful country in the world in terms of cyber capabilities, but, mostlyhe keeps his abilities in the strictest confidence, although recognized that they exist. While we know the US has cyber weapons, we know much less about what they are, what they have access to, and what damage they can do if used as a weapon of war.

“Nation-states, including the United States, are engaging in intelligence gathering operations in cyberspace, but no one has declared this activity to be a full-scale cyber war,” James Turgal, vice president of cyber risk, strategy and board relations for cybersecurity company Optiv, said Recode. “However, we have entered a new era with the Russian invasion of Ukraine.”

Experts say the US has almost certainly braced itself for the increased likelihood of a Russian cyberattack.

“It would actually be a surprise if the U.S. defensive positions weren’t ready yet,” said Purandar Das, CEO of Sotero, a data protection software company. “The government, in all likelihood, deployed its defense mechanisms.”

George Perera, associate director of cybersecurity law at St. Thomas University, said a cyberattack from Russia is likely to target critical infrastructure and, if successful, “could be devastating.”

“You could potentially lose clean water, electricity, financial markets and more,” Perera explained. Importantly, he added, the likelihood of a successful attack on the US was “minimal” due to US defensive capabilities.

But some have warned that the private sector, especially, may be underprepared, even as many companies have struggled to better protect against cyberattacks in recent years.

“The rise of ransomware and attacks over the past decade should have forced private and public organizations to rethink their security measures, deploy new layers and tools, educate staff, and continuously improve their processes,” Ryan Golden, cybersecurity expert and chief marketing officer. said an employee at Halcyon, a company that makes anti-ransomware software. “Unfortunately, cybersecurity programs are still treated as a budget item, leaving many organizations and institutions vulnerable to disruption.”

Russia—both officially and through cybercriminals on its bidding—has a long history of using cyberweapons against perceived enemies, including the US. Major Russian-related cyberattacks against the US recently include the SolarWinds hack, first discovered in late 2020, and a number of high-profile ransomware attacks, including last year’s attack on the Colonial oil pipeline. The first, which led to the infiltration of a number of US government agencies and about a hundred companies, was attributed to Russian intelligence. The latter, which shut down a pipeline carrying half of the East Coast gasoline for several days, was attributed to Russian-based criminal organizations that likely acted with the knowledge and approval of the Russian government.

Putin denied Russian involvement in both incidents, and the Russian embassy previously said it “does not operate in cyberspace”. But the Biden administration cited the SolarWinds hack as one of the reasons for economic sanctions against Russia. last apriland last June, the president said that weeks after the Colonial Pipeline attack, he told Putin that there would be “consequences” if ransomware attacks on the US continued.

“Russia has managed to avoid much of the responsibility for cyber attacks,” said Josef Schroefl, deputy director for strategy and defense at the European Center of Excellence for Countering Hybrid Threats. “In conventional warfare, attribution is usually simple. But in cyberspace it is very difficult and can take a lot of time and money.”

Meanwhile, Ukraine has been under the almost constant threat of cyber attacks from Russia for many years. The country’s energy system was attacked in 2015 and 2016 and is reportedly vulnerable today. The malware is called Nepetya was brought down on the financial sector of Ukraine in 2017 and eventually spread to millions of computers around the world, performing billions of dollars in damage. In October 2020 USA charged several Russian intelligence officers for their alleged involvement in the development of NotPetya and hacker attacks on the Ukrainian energy system.

For its part, the United States has also been accused of using cyber weapons on several occasions. It is believed that she, in agreement with Israel, is behind Stacksnet, a virus targeting Iran’s nuclear program. No country has ever recognized this.

As for Ukraine, Das said he thought it would attack Russia on its own — “Ukraine is already a hotbed of technical activity and they have the skills” — although the US could help with intelligence. Schroefl said Ukraine has “expanded and significantly improved its ability” to defend against cyberattacks over the past few years with the help of the European Union and Israel. “But, in principle, Ukraine still needs support, especially in securing its command and control systems, as well as critical infrastructure.”

Ukraine also appears to be getting some help from hackers with no ties to any state: it has reportedly reached out to its “hacker underground” as Reuters called itto help protect Ukrainian infrastructure and spy on the Russian military. The hacker collective known as Anonymous argued on Thursday evening that she was behind a DDoS attack that brought down the state-sponsored RT news site. On the Russian side, there is one well-known gang of extortionists. declared his loyalty to Russia.

Karen Walsh, CEO of Allegro Solutions, noted that it is likely that the US is already conducting some kind of offensive cyber operations. It is also likely that we will not be aware of any or all US actions for a long time to come. US government said that Russian cyberattacks can be “brazen and aggressive operations, sometimes with dubious levels of operational security and secrecy.” The United States, on the other hand, has been far more secretive about any of its cyberattacks, to the point where we rarely know they are doing anything at all.

“Until the classified documents are declassified in 50 years, we will never know the full extent of our offensive cyber operations,” Walsh said. “We hope that any US cyber warfare will continue to target Russian military capabilities and limit the impact on ordinary Russian citizens.”

Russian attacks on Ukraine in the real world and in cyberspace have so far followed well-known tactics that we have seen before. An all-out cyber war that would include extremely destructive, dangerous and high-profile attacks on critical infrastructure and weapons systems has not yet happened. But it seems more likely than ever that such a war could break out soon.

Source link

Leave a Reply

Your email address will not be published.

Back to top button