As Russian tanks plowed into Ukraine and their missiles hit targets across the country, their hackers launched waves of cyberattacks. In the weeks and days leading up Invasion of RussiaUkrainian websites are frustrate and done offlineand data deletion malware is liberate, release, free on government systems. And while a physical attack might surprise most people, a virtual one doesn’t: Russia has been using cyberweapons against Ukraine for years. Now, the question for some is whether Russia will redirect its cyberattacks towards the US and how the US will respond.
According to President Biden’s speech on Thursday afternoon, the US can and will launch cyberattacks on Russia – but only if Russia attacks the US first.
“If Russia pursues cyberattacks against our companies, our critical infrastructure, we will be ready to respond,” Biden said, adding that the government has been working with private sector “for months” to prepare for Russian cyberattacks and respond to them.
Biden’s comments suggest that the White House wants to treat any possible US cyberattack against Russia as retaliation for Russia’s first attack on the US, not as a pre-emptive move by the US or a blow to the US. retaliation for Russia’s attack on Ukraine. This mentality was also shown when the government pushed back an NBC report stated that, even if Russia did not strike first, Biden was presented with options to use American cyberweapons against it “on a scale never before contemplated.” Press Secretary Jen Psaki tweeted that the report is “baseless” and “does not reflect what is actually being discussed in any way or form.”
While a Russian cyberattack on Ukraine’s infrastructure is very likely – it has happened before – it is not clear that this will happen to the US. Although many countries have cyberweapons, very few will admit to using them, including the United States. America is believed to be the most powerful nation in the world in terms of cyber capabilities, but, mostit keeps its abilities a secret, even though it has admit that they exist. While we know the US has cyber weapons, we know much less about what they are, their access rights, and the type of damage they can cause if deployed as a weapon of war.
“Countries including the United States engage in intelligence-gathering activities in cyberspace, but no one has declared the activity to be an all-out war,” said James Turgal, vice president for cyber intelligence. Cyber risk, strategy and board relations at cybersecurity firm Optiv, told Recode. “However, we are in a new era with Russian aggression in Ukraine.”
Experts say that the US is almost certainly prepared for the increased possibility of a cyber attack from Russia.
Purandar Das, CEO of Sotero, a data security software company, said: “In fact, it would be a surprise if America’s defensive postures haven’t been taken. “Governments are capable of deploying their defense mechanisms.”
George Perera, associate director of cybersecurity law at St. Thomas, said that a cyberattack from Russia would likely target critical infrastructure and, if successful, “could be devastating”.
“There is a possibility that you could lose clean water, electricity, financial markets,” explains Perera. More importantly, he added that the likelihood of a successful attack on the United States is “minimal,” given the United States’ defensive capabilities.
But some warn that the private sector in particular may not be fully prepared, even as many companies have tried in recent years to better protect against cyberattacks.
“The evolution of ransomware and attacks over the past decade should put private and public organizations on alert to improve security positions,” said Ryan Golden, cybersecurity expert at Halcyon. security, implement new classes and tools, train employees, and continuously improve their processes.” anti-ransomware software company, said. “Unfortunately, cybersecurity programs are still viewed as a line item on the budget table, leaving many organizations and agencies vulnerable to disruption.”
Russia – both officially and through cybercriminals doing the bidding – has a long history of using cyberweapons against perceived adversaries, including the US. Significant Russia-related cyberattacks against the United States in recent memory include Hack SolarWindswas first detected in late 2020 and a series of high-profile ransomware attacks, including last year’s attack on Colonial oil pipeline. The previous incident, which resulted in the infiltration of several US government agencies along with about a hundred companies, was attributed to Russian intelligence services. The second case, which carried out a pipeline to transport half of the East Coast’s gasoline in a few days, is attributed to criminal organizations based in Russia, possibly operating with the knowledge and approval of the government. Russian government.
Putin denied that Russia had any part in both incidents and that the Russian embassy did previously said it “does not perform operations in the network domain”. But the Biden administration cites the SolarWinds hack as one of the reasons for economic sanctions against Russia last Apriland the president said last June that, a few weeks after the colonial pipeline attack, he told Putin there would be “consequences” if ransomware attacks on the US continued.
“Russia has managed to largely avoid responsibility for cyberattacks,” said Josef Schroefl, deputy director of strategy and defense at the European Center of Excellence for Countering Hybrid Threats. “In conventional warfare, the allocation is often simple. But in cyberspace, it’s very complicated, it can be time-consuming and expensive.”
Meanwhile, Ukraine has for many years almost always been threatened by cyberattacks from Russia. The country’s electricity grid was hacked into 2015 and 2016 and is reported still vulnerable today. Malware is called NotPetya was launched on the financial sector of Ukraine in 2017 and eventually spread to millions of computers worldwide, making billions of dollars in damage. In October 2020, USA charge several Russian intelligence officers for their alleged involvement in the development of NotPetya and hacking attacks on the Ukrainian power grid.
For its part, the United States has also been caught using cyberweapons a few times. It, in collaboration with Israel, is believed to be behind Stuxnet, a virus that targets Iran’s nuclear program. No country has ever acknowledged this.
As for Ukraine, Das said he believes it will launch its own attacks on Russia — “Ukraine is already a hotbed of engineering activity and they have the skills” — although the US can help. intelligence help. Schroefl said Ukraine has “significantly expanded and improved its capabilities” to defend against cyberattacks over the past few years, with the help of European Union countries and Israel. “But fundamentally, Ukraine still needs support, especially in securing command and control systems and critical infrastructure.”
Looks like Ukraine is also getting some help from hackers not affiliated with any state: It is reported to have appealed to its “underground hacker”, like Reuters called it, to help protect Ukraine’s infrastructure and spy on the Russian military. The hacker collective known as Anonymous declare on Thursday night that it was behind a DDoS attack that brought down Russian state-sponsored news site RT. On the Russian side, a prominent ransomware gang has pledge its allegiance to Russia.
Karen Walsh, CEO of Allegro Solutions, notes that it is likely that the US has engaged in some kind of hacking activity. It is also likely that we will not know any or all of the actions of the United States for a long time to come. The U.S. government said that Russian cyberattacks can be “brazen and aggressive, sometimes with questionable levels of security and operational secrecy.” The US, on the other hand, keeps any of its cyberattacks much more secret, to the point where we rarely know that it’s doing anything.
“Until classified documents are unclassified 50 years from now, we will never know the full scale of our hacking activity,” Walsh said. “Hopefully, any US cyberwar will remain targeted at Russia’s military capabilities and have limited impact on the everyday Russian people.”
Russia’s attacks on Ukraine in the real world and in cyberspace have, so far, followed the known tactics we’ve seen before. A total cyberwar – one that includes highly disruptive, dangerous, and well-known attacks on critical infrastructure and weapons systems – has yet to happen. But it seems more likely than ever that such a war could happen soon.
https://www.vox.com/recode/22950633/cyberattacks-russia-ukraine-us-cyberwar The Russian-Ukrainian cyber war may have begun. Next is the United States?