US cyber defense agency warns of possible Russian cyberattacks amid tensions
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a “Shields Up” alert for American organizations saying that U.S. systems could face Russian cyberattacks amid warnings from Biden administration officials that a Russian invasion of Ukraine could be imminent.
With U.S. officials warning on Friday that Russia could invade Ukraine “any day now,” CISA’s alert recommended that all organizations in the U.S., regardless of size, “adopt a heightened posture when it comes to cybersecurity and protecting their most critical assets.”
“While there are not currently any specific credible threats to the U.S. homeland, we are mindful of the potential for the Russian government to consider escalating its destabilizing actions in ways that may impact others outside of Ukraine,” CISA said.
NBC News reported that the agency issued the alert Friday night.
Russia has amassed more than 100,000 troops on the Ukrainian border, creating a tense standoff in the international community over an expected invasion. President Biden warned Russian leader Vladimir Putin on Saturday that Russia would face “swift and severe costs” if it chooses to invade Ukraine.
White House national security advisers told reports a day earlier that “Russians are in a position to be able to mount a major military action in Ukraine any day” and that an invasion could begin before the end of the Winter Olympics on Feb. 20.
Amid those heightened tensions, CISA said it has been preparing for several months to bolster awareness of a potential Russian cyberattack. CISA noted that Russians engaged in cyber maneuvers “as a key component of their force projection” in Ukraine in 2015, a year after Russia seized the Crimean Peninsula from the neighboring country, among other instances when it has used such maneuvers over the past decade.
“The Russian government understands that disabling or destroying critical infrastructure—including power and communications—can augment pressure on a country’s government, military and population,” CISA said.
The Department of Homeland Security previously warned last month that Russia may pursue a cyberattack against the U.S.
“We assess that Russia would consider initiating a cyber attack against the Homeland if it perceived a US or NATO response to a possible Russian invasion of Ukraine threatened its long-term national security,” the agency said.
Administration officials have said that hackers based in Russia were responsible for cyberattacks on Colonial Pipeline and meat supplier JBS last year.
CISA Director Jen Easterly encouraged all organizations to prepare for potential attacks.
“Every organization in the US is at risk from cyber threats that can disrupt essential services,” she tweeted on Saturday. “As we know, the Russians have used cyber as a key component of their force projection, to include disabling or destroying critical infrastructure.”
CISA said organizations should test backup procedures to quickly restore compromised data, designate a crisis response team, ensure that software is up to date and validate that administrative access to systems requires multi-factor authentication, among other recommendations.