Cybersecurity Readiness Advised as Russian Threats LoomFed, State Officials Brace for Cyberattacks as Invasion of Ukraine Appears Imminent
A speech on Monday by Russian President Vladimir Putin caused widespread alarm after U.S. President Joe Biden announced on Friday that Russia was believed to be days away from invading Ukraine. For weeks, federal officials and agencies have been prompting network defenders - especially those managing the networks of critical infrastructure - to review emergency response plans in the event that nation-state actors launch a massive cyberattack against the public and private sector.
In past weeks, as Russia has taken increasingly aggressive actions indicating a potential invasion of Ukraine, U.S. federal and state-level leaders have advised vigilance in security measures.
Putin delivered remarks on Monday from the Kremlin. In an interpretation by CNN, Putin spoke against Ukrainian independence, adding legitimacy to rebel states Donetsk People’s Republic and Luhansk People’s Republic. NATO has since said in a statement that Putin's comments exhibit a violation of agreements in place to promote the sovereignty of Ukraine.
In a press conference, Biden made a statement that - according to U.S. intel - Russia could invade Ukraine in a matter of weeks or days. Biden also said he was "convinced" that Russian President Vladimir Putin had already made a decision to invade.
Watch live as I give an update on our continued efforts to pursue deterrence and diplomacy – and an update on Russia’s buildup of military troops on the border of Ukraine. https://t.co/Xt6EQUNltF— President Biden (@POTUS) February 18, 2022
Federal and state-level officials have urged network defenders, as well as individuals, to brace for cyberattacks that could disrupt the networks of critical infrastructure, as CISA and other agencies recommend rapid communication if an attack stemming from Russian retaliation occurs.
New York's Response
New York Gov. Kathy Hochul on Sunday released a warning for organizations, particularly those in leading sectors such as finance and healthcare, on increasing cybersecurity safeguards amid growing tensions between Russia and Ukraine.
Hochul said the New York Office of the Governor was planning to stay in step with the White House and the Department of Homeland Security if Russia invades Ukraine, added that New York was an alluring target for cybercriminals and nation-state actors.
"Because New York state is a leader in the finance, healthcare, energy, and transportation sectors, our state is an attractive target for cybercriminals and foreign adversaries," she said, adding that individuals and organizations should be mindful of cyber hygiene, such as setting MFA controls and ensuring strong passwords.
As cyberattacks become more sophisticated, Hochul said, "cabinet leadership" is partnering with other private sector and government agencies "to ensure threat intelligence is being relayed as quickly as possible." Communications between all parties would be essential, she said.
In light of the "current geopolitical uncertainty," Hochul tweeted about the necessity of staying prepared for cyberattacks.
With current geopolitical uncertainty, I convened my team to discuss ongoing cybersecurity efforts.— Kathy Hochul (@GovKathyHochul) February 21, 2022
Our state is an attractive target for cyber criminals & foreign adversaries, but New Yorkers should be confident that we are hard at work watching & preparing for any threats. pic.twitter.com/HnrIJEeoWS
She also spoke of the measures her office is taking to protect New York's critical infrastructure, such as dedicating $62 million from the state's budget to add additional security protections. According to Hochul, the cybersecurity budget has grown 50% from 2021.
Echoing a joint advisory alert by the Cybersecurity and Infrastructure Security Agency in recent weeks, Hochul advised individuals and businesses to be vigilant of cyberattacks and said her office has been in "regular touch" with DHS and the White House. Hochul said that personal devices can be vulnerable and advised using "best practices," such as creating strong passwords and implementing MFA. Assisting "older loved ones" and others vulnerable to scams was also a part of larger protective measures as federal- and state-level agencies brace for cyber fallout if tensions between Russia and Ukraine continue to rise.
Information Security Media Group did not receive a response to its request for comment from Hochul's office by the time of publication.
Financial Sector Targeted
According to a 2019 report by the U.S. Bureau of Labor Statistics, more than 60% of private sector wages in New York City come from the finance and insurance sectors. Findings from the Bank for International Settlements in Jan. 2021 found that work from home and banking digitalization coordinated with increased cyberattacks from state-sponsored threat actors as credit unions, payment firms and insurance providers were observed to be affected in higher numbers that other financial service operators. Blockchain-related firms have also been targeted proportionately more often, as seen from recent cyberattacks targeting cryptocurrency traders, according to research by Chainalysis.
Financial Services Information Sharing and Analysis Center CEO Steven Silberstein tells ISMG that FS-ISAC is currently monitoring the circumstances developing in Ukraine.
"Our global intelligence team has set up the appropriate communication channels to equip the financial services industry with the pertinent cybersecurity information and guidance," he says, adding that members will be alerted in advance of cybersecurity concerns if Russia should invade Ukraine.
In fresh research by Flashpoint, researchers also analyze how pro-Russia militias are making use of social media and crypto wallets in an effort to carry out illicit actions against Ukraine.
CISA's Response to Russian Threats
Last week, CISA issued a joint advisory in response to Russian aggressions as banks and other critical infrastructure are running tabletop exercises as preparation to counter massive cyberattacks that could be launched by Russia in retaliation (see: CISA Warns Orgs to Prep for Potential Russian Cyberattacks).
Scott McConnell, spokesperson for CISA, advised security practitioners to stay up to date with the latest security alerts through CISA's "Shields Up" campaign, which provides resources should a widespread cyberattack be launched against U.S. critical infrastructure.