In the wake of Russia’s invasion of Ukraine, some have suggested that the United States might respond with cyberattacks against Russia.
While a preemptive cyberattack on another nation is a jarring proposal, it certainly isn’t new. In 2009, the complex and targeted malware named Stuxnet was launched against an Iranian nuclear program. Stuxnet was widely believed to have been developed jointly by the United States and Israel. In contrast to today’s ransomware attacks, Stuxnet’s functionality was designed to destroy and disrupt, rather than disable for extortion. Fast-forward to 2017, when a cybercriminal group called the Shadow Brokers leaked the EternalBlue vulnerability, an exploit developed by the U.S. National Security Agency (NSA) and used for espionage. Not long after the disclosure of EternalBlue, Russia and North Korea weaponized the vulnerability and retaliated with the NotPetya and WannaCry attacks.
Needless to say, nation states have been laying the groundwork for, and conducting, these attacks for many years.
So, what does this mean and what should we prepare for?
Malware, in general, can have devastating effects on target systems. Much like Stuxnet, whose intent was to disable or destroy, targeted attacks using malware present the opportunity to cripple organizations and affect the lives of individual citizens. Destructive U.S. cyberattacks against Russia could result in escalation and/or retaliation. The FBI has warned the U.S. private sector to be prepared for a potential increase in Russian cyber activities while tensions are high between the U.S. and Russia.
The U.S. recently experienced a cyberattack on a critical organization during the Colonial Pipeline incident in 2021. Colonial Pipeline, a large oil pipeline system that transports fuel to much of the East Coast, was hit by DarkSide ransomware, which halted all operations between May 7 and May 12, 2021. To be clear, the ransomware did not affect production or transport of oil – only Colonial Pipeline’s billing system.
In those six short days, President Biden declared a state of emergency. Fuel shortages caused panic buying in multiple states, and gas stations were running out of fuel. Fuel prices rose. Airlines diverted airplanes to account for refueling.
While all of this is rightfully concerning, all hope is not lost. Industry and government can curb the risk of these attacks. Kivu, and many other security firms, are dedicated to helping our clients defend against, and recover from, cyberthreats that plague our society today. If you would like more information on how your organization can better prepare for cyberattacks, please reach out to us at info@kivuconsulting.com or incidentresponse@kivuconsulting.com