Tech

US warns Russia-Ukraine tensions rise


In recent weeks, nearly every nook and cranny of the US government has been subjected to the same question: the Transportation Security Administration, the pipeline security watchdog beyond its better-known role as baggage check. passengers at airports, issued pipeline directives. companies; The Environmental Protection Agency recently hosted two webinars for more than 400 water utilities on essential security steps; and the Department of Energy held comparable CEO-level briefings for energy companies.

Many public-facing government efforts have taken the form of mid-January advisory from CISA, NSA, and FBI outline common tactics and techniques for Russian cyber operations, from fancy Cisco routers to Microsoft Exchange vulnerabilities. Last week, these agencies released another joint advisory, along with international partners from Australia, the UK, highlighting the rise of ransomware attacks in 2021 targeting critical infrastructure important. While the advice never specifically mentions Russia, many of 2021’s worst attacks stem from Russia-based groups like REvil.

Russia has long viewed neighboring Ukraine as a real-world sandbox for testing cyberattacks. In 2015, it bring down the country’s electricity grid. In 2017, it made NotPetya ransomware, which corrupted Ukraine’s tax software and went on to cause losses of up to $10 billion to international companies doing business in the country. Shipping company Maersk saw about 80,000 computers destroyed; FedEx lost nearly half a billion dollars; pharmaceutical company Merck suffered a loss of $800 million.

A more recent attack occurred in mid-January, when dozens of Ukrainian government websites were taken down and their data taken offline, replacing the websites with the warning text, “Fear and expect the worst.” While that attack may have originated with Russia’s ally Belarus, The next destructive malware hit Ukraine’s systems, masquerading as ransomware but deleting data. US officials have also warned about “specific, reliable“Threats to Ukraine’s critical infrastructure. On Tuesday, an apparent DDoS attack to hit websites of the Ministry of Defense, Armed Forces and two major Ukrainian banks, although it is not clear who is responsible.

The US government has long been intimately involved in helping to understand and mitigate Ukraine’s cyber risks, a partnership that it hopes will also help understand and mitigate threats to the homeland. The US Cyber ​​Command conducted what it called “huntMission in Ukraine, deploying teams to the country to search for malware as part of a so-called “continuous interaction” strategy, developed by Its commander, General Paul Nakasonethat tries to keep the United States in constant contact with its main adversaries in the most active arenas in cyberspace.

On the civilian side, CISA works closely with Ukrainian cybersecurity agencies, and the US Agency for International Development has operated for many years. large scale, programs worth millions of dollars to help Ukraine protect its critical infrastructure against cyberattacks. “As you can imagine, we recently contacted CERT-Ukraine to provide reports of possible activity targeting Ukrainian organizations, including Ukrainian government agencies,” Easterly said. , referring to the country’s computer emergency response team. “We’re always ready to be able to help them.”

Red line

Conversations with more than a dozen senior cybersecurity leaders across the U.S. government, tech companies and private sector in recent weeks — many asking to speak anonymously to frank discussion of a dynamic threat environment — outlined the key risk areas in which they join as Russia has proven effective, sometimes brutal, online.

While many expect Russia to launch disinformation operations in the region, including disinformation activities and possibly even hacking and leaks similar to those it has used used to target the 2016 US presidential election, the top two threats were the scourge of ransomware and so-called collateral damage. . “Looking back at NotPetya, it’s a huge cautionary tale,” Easterly said, pointing to many US companies or Western subsidiaries that do business in Ukraine and therefore have digital systems linked to it. together.



Source link

news7g

News7g: Update the world's latest breaking news online of the day, breaking news, politics, society today, international mainstream news .Updated news 24/7: Entertainment, Sports...at the World everyday world. Hot news, images, video clips that are updated quickly and reliably

Related Articles

Back to top button