The economic sanctions placed on Russia in reaction to the invasion of Ukraine have raised the possibility of cyberattacks by state-sponsored hackers, according to a warning from President Biden. Prior to the publication of Biden’s warning, the FBI released an alert to raise awareness among organizations within the private sector about cybercriminal gangs linked to Russia. In a White House briefing on Monday, Deputy National Security Advisor Anne Neuberger stated that malicious actors linked to Russian IP addresses had engaged in “preparatory activity” for cyberattacks, including searching websites and other Internet-facing systems at 5 US energy companies for exploitable security flaws. At least 18 other US companies in industries including financial services and defense have also been searched. The FBI claimed that since Russia invaded Ukraine, scanning activity has escalated and that Russian IP addresses have previously been utilized for damaging cyber operations against foreign vital infrastructure.
The private sector manages a significant portion of the crucial infrastructure in the United States. Owners and operators of key infrastructure have been urged by President Biden to step up efforts to strengthen their defenses. As a precaution against potential Russian cyberattacks, the White House has released a fact sheet outlining the actions that should be done to strengthen cybersecurity defenses. The fact sheet urges prompt action to put the measures into practice. Implementing and requiring the usage of multi-factor authentication is one of the most crucial actions that can be taken to increase security. Threat actors will find it considerably more difficult to access internal networks using stolen or compromised credentials with multi-factor authentication. Deploying security software that can continually scan computers and other devices to find and eliminate threats is also a good idea. Another measure is to require all operating systems and software to be updated and patched against known vulnerabilities, especially those that are included in the Cybersecurity and Infrastructure Security Agency’s Known Exploited Vulnerability Catalog.
The fact sheet also recommends organizations to provide comprehensive security awareness training to employees in order to prevent threats and ensure all suspicious activity is reported appropriately. Finally, the U.S. government encourages all critical infrastructure operators to actively communicate with their local FBI field offices and CISA Regional Office to ensure quick and efficient responses take place in the event of a cyber attack.