Dive Brief:
- The Department of Homeland Security warned state and local governments and critical infrastructure providers across the U.S. that Russia may launch direct cyberattacks if it perceives actions by the U.S. or NATO as a threat to its national security.
- The bulletin, dated Jan. 23, warned that Russia had a number of tools it could employ, and that an incident could range from a denial-of-service attack to a more targeted attack against critical infrastructure, reported ABC News, which obtained a copy of the Intelligence and Analysis bulletin.
- While DHS officials did not comment on the contents of the bulletin, the agency "regularly shares information with federal, state, local, tribal and territorial officials and the private sector to ensure the safety and security of all communities across the country," a DHS spokesperson said Monday in an emailed statement.
Dive Insight:
A DHS spokesperson said the agency has increased operational partnerships between the private sector and the federal government to strengthen U.S. cyber defenses, including through the Joint Cyber Defense Collaborative.
The threshold for Moscow launching a direct attack against the U.S. remains very high, according to agency analysts cited by CNN. The network also confirmed the DHS bulletin.
The Cybersecurity and Infrastructure Security Agency, which operates as part of DHS, warned of a heightened threat to critical infrastructure last week, after destructive malware was unleashed on Ukrainian government sites.
Multiple security researchers also raised the alarm about malicious actors deploying WhisperGate, malware that can wipe computer data and that shows similarities to the destructive malware used in the 2017 NotPetya attacks.
"Russia certainly has an arsenal of offensive cyber tooling that can be used to degrade and disrupt U.S. critical infrastructure," said John Hammond, senior security researcher at Huntress, via email.
Prior cyberattacks from Russia have always "pushed the envelope," said Hammond, including ransomware that took out vital supply chain providers, backdoors and persistent access inside organizations across multiple industries.
Threat actors may deploy destructive malware to delete data, hide malicious behavior or make systems inoperable, according to a Mandiant white paper on steps organizations should take to harden their defenses against a sophisticated attack.
The paper addresses a range of security issues, including segmentation between IT and operational technology, protecting against credential theft and defending against on-premises lateral movement.
Organizations and private citizens should identify what assets may be targeted and establish plans for business continuity and cyber resilience, said Ken Westin, director of security strategy at Cybereason.
"My concern with Russia today is they have an arsenal of zero-day exploits at the ready, as well as initial access to targets already," Westin said.