The White House is urging U.S. organizations to shore up their cybersecurity defenses after new intelligence suggests that Russia is preparing to conduct cyberattacks in the near future, BleepingComputer reported this week.
With the U.S. imposing strict sanctions against Russia and aiding Ukraine in the war, the White House is expecting the Kremlin to retaliate with cyberattacks against critical infrastructure and U.S. interests.
While Ukraine has been subject to many cyberattacks, there have been no known Russian state-sponsored attacks against the USA since the invasion of Ukraine.
However, the White House and Deputy National Security Advisor Anne Neuberger began urging U.S. companies to increase their cybersecurity defenses after new intelligence indicates Russia is performing “preparatory activity” for potential cyberattacks.
Commenting on the news, Danielle Jablanski, OT cybersecurity strategist at Nozomi Networks, said:
The potential shift in Russia’s intention articulated by the NSA indicates the likelihood of attacks on the US critical infrastructure and should be a wake-up call to any organization that hasn’t been paying attention to the already increasing frequency and severity of incidents in the private and public sectors.
Private briefings with businesses provide the most up-to-date situational awareness for the crisis at hand and will help businesses expand resources in a timely and efficient way.
The urgent to-do list for organisations requires them to come up with a proactive way to begin to fortify operations, but the roadmap for executing will vary based on the availability of resources and personnel.
A major concern today, in addition to increased reconnaissance and probing, is for companies operating critical infrastructure, as Russia may already have access that has so far gone undetected, where the intent will be to deliver a payload or attack a target not prepared to defend against.
Consistently prioritizing the basics and maximizing the potential of dynamic and incremental, rather than static security processes, are key building blocks for resilience.
Etay Maor, senior director of security strategy at Cato Networks, added:
“In today’s business climate, standing still is the kiss of death. This is particularly relevant when it comes to preparing for cyberattacks. As Russian cyber-attacks come in a wide range of threats to business, all companies should always be on high alert when it comes to security and take the necessary steps to secure themselves, their customers and their assets. First and foremost organisations must perform a risk and gap analysis to understand what should be prioritized and how that (be it data, systems, remote workers, cloud applications etc.) should be protected. Training should be continuous and encourage employees to become cyber security aware (and not punitive in nature). Technology-wise – help the security organization maximize results by moving from multiple point solutions to converged solutions that simplify connectivity, security, monitoring, and management. Adding additional capabilities based on the organization’s needs and resources is another advantage – such as MDR, red teams and penetration and vulnerability testers.”