This post is also available in: עברית (Hebrew)
“CISA recommends all organizations — regardless of size — adopt a heightened posture when it comes to cybersecurity and protecting their most critical assets.” The Cybersecurity and Infrastructure Security Agency CISA released a broad national warning, “Shields Up”, on Feb. 11, warning that Russia’s potential invasion of Ukraine could spill into hacks against American computer networks.
CISA said it was not responding to any specific threats, but acting as a general precaution that conflict with Russia could lead to cyberattacks, in an attempt to escalate the situation.
Noting the broad vulnerability of many U.S. computer networks to hackers, it warned that “Every organization in the United States is at risk from cyber threats that can disrupt essential services and potentially result in impacts to public safety.”
According to nbcnews.com, there are no publicly known instances where Russia’s state-directed hackers deliberately and successfully deployed destructive malware against America’s energy grid. But that fear has long driven cybersecurity warnings, and the U.S. has released multiple advisories for how cybersecurity workers in the U.S. can counter Russia’s most common hacking tactics.
Russia has conducted such attacks against Ukraine, part of a broader years-long cyber-harassment campaign against its neighbor. “The Russians understand that disabling or destroying critical infrastructure — including power and communications — can augment pressure on a country’s government, military and population and accelerate their acceding to Russian objectives.”
CISA recommends to organizations to take several steps in order to reduce the likelihood of a damaging cyber intrusion, quickly detect an intrusion, ensure preparedness to respond, and maximize resilience to a destructive cyber incident. The agency offers some of its tools and resources and alerts to help cybersecurity/IT personnel at every organization prepare.