Concerns around Russia’s retaliation to sanctions placed on the country in response to its invasion of Ukraine have a major focus – cyberattacks. The White House recently released a statement urging organizations to prepare for this possibility, with a particular emphasis on industries dependent on industrial control systems. This comes amid the administration’s other warning that there has been information gathered indicating that Russia may be scanning for opportunities. Therefore, the time is now to ensure that critical infrastructure is protected, especially since as Danielle Jablanski wrote for SC Media, such industries are “a high-value target less tolerant of outages or downtime.”
The U.S. Prepares for the Threat of a Russian-led Cyberattack
One of the main elements to such preparation is communication. In that same SC Media piece, Jablanski noted that building a proactive strategy should include information sharing. This process allows for some standardization and pushes for a centralization contact. The Cyber Incident Reporting Act (CIRA) that was introduced not long ago supports this point. Not only does it signify the Cybersecurity and Infrastructure Security Agency (CISA) as the central resource and institute a reporting timeline, but it also collects insight from multiple critical infrastructure sectors and establishes a space where they can come together to exchange data about how to best handle cybersecurity and potential threats in order to decrease the amount of risk they face.
This isn’t the only measure that has been put together. For example, the U.S. Security and Exchange Commission has put forth a proposal for updated regulations regarding standard reporting practices as well. Plus, American Hospital Association reported that the CISA, FBI and Department of Energy have published their own joint alert to the energy sector and other critical infrastructure industries. A specific warning presented by this alert is to remain mindful of any activity associated with Russian-stemming malware known as TRITON.
The World Prepares for the Threat of a Russian-led Cyberattack
We are likely to see such efforts persist, especially as such high-stake threats are involved. Entities making up the critical infrastructure field are uniquely intertwined. An attack on finance can impact transportation, whereas an attack on energy can impact water. That’s just naming a very short list of the connectedness that ties it all together. And, obviously, this critical infrastructure network doesn’t only exist in the United States, nor does the concern for its safety.
Included in the alert from the CISA, FBI and Department of Energy was an emphasis on the fact that the global energy sector is a target for Russian actors. Part of what may make these sectors vulnerable is a topic that we’ve covered before – the increasing connection of OT systems. In 2020, the Canadian Center for Cyber Security already started addressing issues arising with this technological advancement. It released the first National Cyber Threat Assessment, which included a particular focus on OT attacks. According to Tripwire, at the time of its release, that report found that “at least seven ransomware variants have contained instructions to terminate ICS processes, “since 2019. Europe has also taken its own steps. In the IOCTA 2021 report put out by Europol, it was concluded that cyberattacks had also increased there, impacting large corporations and public institutions as well as the digital supply chain.
- “Governments take steps to create cyber fortresses across critical infrastructure” – Danielle Jablanski, SC Media
- “Agencies urge critical infrastructure organizations to protect against Russian cyber threats to energy sector” – American Hospital Association
- “OT Cybersecurity Concerns Are Increasing Across the Globe” – Anastasios Arampatzis, Tripwire
Learn about the ultimate solution to protect infrastructure networks, Net-Optix.