The Department of Homeland Security has warned of possible cyberattacks on the United States in conjunction with a Russian invasion of neighboring Ukraine.
The government warned in late January that a Russian attack on Ukraine was “imminent,” and the DHS told law enforcement agencies to expect cyberattacks from Russia. “We assess that Russia would consider initiating a cyber attack against the Homeland if it perceived a U.S. or NATO response to a possible Russian invasion of Ukraine threatened its long-term national security,” said a Jan. 23 DHS bulletin obtained by
ABC News
.
Russia has a “range of offensive cyber tools that it could employ against U.S. networks,” the department added.
The DHS warning follows a series of
destructive cyberattacks
on Ukrainian organizations. Some cybersecurity experts suspected those attacks came from Russian hackers.
The U.S. and other organizations should be operating at an increased “state of alert” because of the situation with Russia and Ukraine, said Tom Garrubba, vice president of
Shared Assessments
, a risk management organization. The threat environment has expanded because of the situation there, he said.
“As the threat environment continues to change, proper diligence is expected … to ensure all cyber-defensive tools and techniques are employed to protect your most precious data assets,” he said. “Continuous intelligence, monitoring, and dialogue with critical partners and suppliers should be ongoing to ensure all is ready” in the event of an attack.
Cyberattacks on the U.S. could distract the government from responding to a physical attack on Ukraine, some cybersecurity experts said.
Cyberattacks could also increase Russian political leverage over possible sanctions that the U.S. government would impose for an attack, added Mark Carrigan, senior vice president of process safety and operational technology cybersecurity at
Hexagon PPM
, a provider of digital transformation services.
“Disruption and chaos are powerful mechanisms to divide public opinion,” he told the Washington Examiner. “In any response, the Biden administration would want to act with confidence that they have internal political support to do so.”
However, Russia-based cyberattacks on the U.S. could backfire, he added. The U.S. has “significant” offensive cyber capabilities, he said.
The U.S. has an “extensive retaliatory capability that could cause significant impact to Russia,” added Andrew Shoemaker, founder and CEO of
NimbusDDOS
, a provider of services to prevent denial-of-service attacks. “In addition, cyberwarfare is relatively new, and U.S. and Russian military and policymakers are operating under murky rules of engagement.”
If the U.S. and Russia attack each other, it “could result in a significant escalation of the conflict, with significant impact for people worldwide,” he told the Washington Examiner.
In addition to spreading chaos, Russian hackers may attempt to disrupt communications networks between the U.S., Ukraine, and other allies, Shoemaker said.
“In the modern interconnected world, there is infrastructure that may extend beyond the borders of Ukraine that Russian forces may wish to disrupt,” he added. “Rather the dropping bombs, they can use a distributed denial-of-service attack to disrupt communication.”
Some Russian hackers may also engage in cyberattacks “in an act of solidarity for the invasion,” Shoemaker added. “The goal of these … attacks is to cause widespread disruption to society and maximize economic damage.”
There have been reports of hacktivists working to prevent a possible invasion. For example, hacktivists operating in Russian ally Belarus
said on Jan. 24
that they had infected the network of the country’s state-run railroad system with ransomware.
Belarusian Railway, at the request of Belarus’s president, Alexander Lukashenko, “allows the occupying [Russian] troops to enter our land,” hacking group Cyber Partisans
wrote on Telegram
. The group said it encrypted the bulk of the servers, databases, and workstations at the railroad “in order to slow down and disrupt” its operations.
