Russian Threats to U.S. Critical Infrastructure
Russian hackers aren’t just trying to tamper with U.S. elections, they’re going after the U.S. critical infrastructure. The Department of Homeland Security and the FBI have recently accused Moscow of orchestrating a series of cyberattacks targeting key public utilities.
In fact, the Russian cyber threat was significant enough for the U.S. Computer Emergency Readiness Team to issue an Alert on March 15th to warn the sector and public at large. These agencies say the Kremlin is actively targeting the energy sector, public utilities, aviation, and critical manufacturing.
So here’s the frightening part–U.S. Officials say the Russians likely have their fingers on the switches, and could potentially turn off the lights at any time… Oh crap. I think I have a flashlight here somewhere.
Ah ha yes. Great! Well this is actually quite a predicament because our light board here is no good without actually light. Oh, fantastic.This must just have been a false alarm. So as I was saying this all sounds like something straight from a science fiction movie, right? Wrong! If you don’t think it can’t happen here, think again.The Russians have already demonstrated that they have the capability to pull the plug.
December 2015: Moscow Launches Cyberattack
In December 2015, Moscow launched a Cyberattack that cut electricity to nearly a quarter-million Ukrainians. That is 250,000 people without power. This was the first active cyberattack intended to disrupt a power grid. And it shocked the world. Some experts believe that Russia is using Ukraine as a real-life laboratory to test out new cyber weapons before potentially turning them to even bigger targets, like here in the United States.
U.S. officials say Russian strikes against our critical infrastructure really started to rev up in late 2015 – right around the time the Kremlin kicked off its covert campaign to meddle in the 2016 U.S. presidential elections.
Speaking of which, on the same day that US-CERT issued its cyber alert, the Trump administration slapped new sanctions on Russia as part of an effort to punish Moscow for interfering in the 2016 election. These sanctions could further escalate tensions between the United States and Russia, and there’s no knowing if or how Moscow might retaliate. What we do know is that they have the potential capability to cause real chaos by controlling portions of our country’s critical infrastructure.
Why Should I Care?
So you might be saying to yourself: I’m not a utility board director or executive. I don’t run a natural gas company, a water processing plant, or even an airline. Why should I care? Well let me tell you why you should care. Your company relies on our nation’s critical infrastructure. You need electricity to switch the lights on in your office. Your employees need running water to use the bathroom (other than for that one guy in accounting that refuses to wash his hands).
So, remember: no power, no business. If Russian hackers shut down the power grid, it could also disrupt your business – putting a big hole in your bottom line. In addition, your company could be part of a targeting chain.
Your business may share common vendors with a public utility. If that’s the case, an attacker may use your company as an intermediary to ultimately gain access to the controls of their desired target. A Russian cyberattack on critical infrastructure poses real risks to your business. So what steps can you take to protect your company?
The Top Three Must-Do’s:
- First thing’s first — stay alert. Pay attention to reports of cyberattacks on critical infrastructure, and determine if and how these cyber threats may affect you. If the incident involved a targeting chain, see if you share any vendors with the victims. If you do, make sure those vendors have appropriately resolved the incident.
- Second, have an incident response plan and a business continuity plan in place. Consider a secondary power source or back-up protection: either for your typical business operations or for data and information systems. If a cyberattack strikes a power grid, there’s no knowing how long you’ll be without electricity. And without electricity, you can’t have a fully functioning company.
- And lastly, be a good cyber citizen. Treat cyber breaches the same way you would treat an Amber alert. Have your security team keep an eye out for any potential indicators of compromise or abnormal cyber activities.Then be sure those observations are reported to the proper authorities.
As the Department of Homeland Security puts it: “If you see something, say something.” By protecting your company, you can also help protect the public – and keep our country safe from cyberattacks to critical infrastructure. If you need help in establishing a greater understanding of the cyber risks currently affecting your business, please be sure to get in touch.