The cyber war surrounding Russia’s invasion of Ukraine is heating up as Russian soldiers and tanks besiege the country.
Now experts are braced for the possibility of those cyberattacks coming here, and making sure America’s businesses and consumers are ready. Taking measures to prevent being exposed to such an attack might be easier than people think, experts told MarketWatch.
A week before Russian President Vladimir Putin ordered troops into its neighboring country, a cyberattack hit a series of Ukrainian government websites and banks, according to the Associated Press. Ukrainian officials suggested Russia was behind the incident. Earlier this month, CNN reported that officials from several U.S. agencies met with executives from U.S. banks to discuss how they might respond to Russian cybercriminals, according to people briefed on the meeting.
As the ground assault intensified this week, a Twitter
account linked to the hacker collective Anonymous claimed responsibility for a range of attacks, including one on RT, a Russian state-funded media outlet that the U.S. State Department has previously called a part of Russia’s “disinformation and propaganda ecosystem.”
Back on American soil, President Joe Biden on Thursday warned: “If Russia pursues cyberattacks against our companies, our critical infrastructure, we are prepared to respond.” Government officials have been working for months with the private sector “to harden their cyber defenses, sharpen our ability to respond to Russian cyberattacks as well,” Biden said.
“Last month, the U.S. Cybersecurity and Infrastructure Security Agency, a federal agency operating under the Department of Homeland Security, issued a warning.”
Last month, the U.S. Cybersecurity and Infrastructure Security Agency, a federal agency operating under the Department of Homeland Security, issued a warning: “Historically, Russian state-sponsored advanced persistent threat (APT) actors have used common but effective tactics — including spearphishing, brute force, and exploiting known vulnerabilities against accounts and networks with weak security — to gain initial access to target networks.”
“Russian state-sponsored APT actors have also demonstrated sophisticated tradecraft and cyber capabilities by compromising third-party infrastructure, compromising third-party software, or developing and deploying custom malware,” it added. “The actors have also demonstrated the ability to maintain persistent, undetected, long-term access in compromised environments — including cloud environments — by using legitimate credentials.”
America’s largest chip maker, was reportedly hit by a cyberattack, the company said on Friday. A spokesperson for Nvidia told MarketWatch it was “investigating an incident,” but said its “business and commercial activities continue uninterrupted. We are still working to evaluate the nature and scope of the event and don’t have any additional information to share at this time.”
“If the government is working with businesses to make sure they are steeled for anything attempting to gut internet service or knock out operations, what should people be doing to prepare themselves?”
Markets jumped higher Friday afternoon on the news that Russia was open to talks with Ukrainian leadership, even as Russian forces set their targets on Kyiv, Ukraine’s capital. By Sunday evening, however, U.S. stock-index futures tumbled after Putin raised Russia’s nuclear alert level following stinging new sanctions from the West over the Russian invasion of Ukraine.
But if the government is working with businesses to make sure they are steeled for anything attempting to gut internet service or knock out operations, what should people be doing to prepare themselves? That’s important considering how the pandemic has deepened our dependence on the internet to bank, shop and work, experts say.
At least nine federal agencies and 100 private sector companies were recently compromised by cyberattacks. Anne Neuberger, Deputy National Security Advisor for Cyber and Emerging Technology, told a press conference last year: “The intelligence community is looking at who is responsible. Until that study is complete, I’ll use the language we previously used, which was to say an advanced persistent threat actor, likely of Russian origin, was responsible.”
If new Russian-linked malware initially targets Ukraine “that’s not necessarily something that can be contained in Ukraine,” said Lisa Plaggemier, interim executive director of the National Cybersecurity Alliance, a nonprofit organization. And even if there isn’t any sort of Russian-backed cyberattack, garden variety cybercriminals might try to exploit the moment for their own gain.
How to protect your personal information online:
• Keep an eye out for “phishing” emails that are trying to urge a person to a click. “If there’s a way we can be socially engineered with headlines because we are all concerned, they will take advantage of that,” Plaggemier said.
“Watch for suspicious activity that asks you to do something right away, offers something that sounds too good to be true or needs your personal information. Think before you click. When in doubt, do NOT click,” according to a federal government website, Ready.gov.
• People should use multi-step authentication passwords to get into important accounts, Plaggemier said. That includes financial accounts, but it should also include social media accounts too. “Yes, multi-factor authentication takes a couple extra seconds, but it prevents a world of harm,” she said.
Relatedly, consumers should really consider a password manager if they haven’t already. Using one isn’t as hard as consumers might think as it stores and remembers more passwords along the way, she said.
• Consider backing up crucial information in an encrypted file, or a device like an external hard drive. Cloud-based services are also a good option, Plaggemier said.
• Constantly update operating systems on computers and cellphone apps. “If Russia exploits a vulnerability over the next days or weeks, everybody’s going to rush to build a patch,” she said, adding it’s a good idea to log out of websites and accounts, allows updates to run.
In Neuberger’s words during last year’s White House briefing: “In the United States, the way we’re structured, public-private partnership has to be a core part of national cyber defense. So there’s active sharing going on in both directions: government sharing its insights with private sector entities — both who have been compromised and those who have broader visibility — and private sector entities sharing their insights to ensure we can together scope and scale what occurred.”