Privacy Plus+

Privacy, Technology and Perspective

Cyberattacks on Ukraine and What they Mean for U.S. Critical Infrastructure Providers.  This week, we would like to direct our readers’ attention to a recent article published in Foreign Affairs magazine, entitled “The Myth of the Missing Cyberwar.”  The article details the extent of Russian cyberattacks on Ukraine’s critical infrastructure and highlights the vulnerabilities faced by critical infrastructure providers everywhere. A link follows:

As reported, a “host of prominent scholars and analysts of cyberconflict” have dismissed the “role of cyber-operations” in the Russian-Ukraine war, but theirs is a “dangerous misdiagnosis.”  “To the contrary, the magnitude of Moscow’s pre-kinetic destructive cyber-operations was unprecedented.” Russia’s cyberattacks have “affected government agencies, military institutions, civil emergency services, and a range of other critical infrastructure sectors such as defense industrial base manufacturers, information technology services, and energy companies directly relevant to Ukraine’s military capacity.”  Those attacks have been “entirely consistent with a so-called thunder run strategy intended to stoke chaos, confusion, and uncertainty, and ultimately avoid a costly and protracted war in Ukraine.”

This week, U.S. Attorney General Merrick B. Garland made public that over the past few weeks, and acting with court authority in the U.S. and in cooperation with intelligence agencies abroad, the U.S. has secretly disrupted a global botnet controlled by the Russian GRU (its military intelligence agency).  In his comments, A.G. Garland explained that the Russian government had already used that malware to attack Ukrainian targets. A link to his remarks follows:

A link to the Justice Department’s detailed press release about this action, dated April 6, 2022, is below:

The takeaway message from all this, however, is not that the cyberwar is already over and won.  Far from it:  it is probably just getting started. As stated in the Foreign Affairs’ article, “[w]ith the likelihood that the conflict will become a protracted war, Russia will probably not exercise restraint in its use of additional disruptive and destructive cyber-actions.” Therefore, providers of critical infrastructure services especially – but also everyone else who has something to lose — should act now to protect against the threat of cyberattacks. 

The White House has urged companies to take at least these basic steps:

  • – Mandate the use of multi-factor authentication on your systems to make it harder for attackers to get onto your system;

  • – Deploy modern security tools on your computers and devices to continuously look for and mitigate threats;

  • – Check with your cybersecurity professionals to make sure that your systems are patched and protected against all known vulnerabilities, and change passwords across your networks so that previously stolen credentials are useless to malicious actors;

  • – Back up your data and ensure you have offline backups beyond the reach of malicious actors;

  • – Run exercises and drill your emergency plans so that you are prepared to respond quickly to minimize the impact of any attack;

  • – Encrypt your data so it cannot be used if it is stolen;

  • – Educate your employees about common tactics that attackers will use over email or through websites, and encourage them to report if their computers or phones have shown unusual behavior, such as unusual crashes or operating very slowly; and

  • – Engage proactively with your local FBI field office or CISA Regional Office to establish relationships in advance of any cyber incidents. Please encourage your IT and Security leadership to visit the websites of CISA and the FBI where they will find technical information and other useful resources.

For more, you can review this Fact Sheet published by the White House:

Hosch & Morris, PLLC is a boutique law firm dedicated to data privacy and protection, cybersecurity, the Internet and technology. Open the Future℠.