[BreachExchange] DHS warns of Russian cyberattack on US if it responds to Ukraine invasion

Mon Jan 24 14:26:53 EST 2022

https://abcnews.go.com/Politics/dhs-warns-russian-cyberattack-us-responds-ukraine-invasion/story?id=82441727

As tensions rise in the standoff over Ukraine, the Department of Homeland
Security has warned that the U.S. response to a possible Russian invasion
could result in a cyberattack launched against the U.S. by the Russian
government or its proxies.

"We assess that Russia would consider initiating a cyber attack against the
Homeland if it perceived a US or NATO response to a possible Russian
invasion of Ukraine threatened its long-term national security," a DHS
Intelligence and Analysis bulletin sent to law enforcement agencies around
the country and obtained by ABC News said.

The bulletin was dated Jan. 23, 2022.

Russia, DHS said, has a "range of offensive cyber tools that it could
employ against US networks," and the attacks could range from a low level
denial of service attack, to "destructive" attacks targeting critical
infrastructure.

"We assess that Russia's threshold for conducting disruptive or destructive
cyber attacks in the Homeland probably remains very high and we have not
observed Moscow directly employ these types of cyber attacks against US
critical infrastructure—notwithstanding cyber espionage and potential
prepositioning operations in the past," the bulletin said.

Last year, cybercriminals based in Russia caused two of the most
destructive cyberattacks in recent memory, the U.S. has said. Colonial
Pipeline was the victim of a ransomware attack in May 2021, shutting down
operations and causing widespread outages across the country, and meat
supplier JBS had its operations shutdown due to Russian based hackers.

Russia is also responsible for the SolarWinds breach in late 202o, the U.S.
has said, where the U.S. says Russian-backed cybercriminals gained access
to 10 U.S. government agencies including the Department of Homeland
Security and Department of Commerce.

FBI warns about cybercriminals tampering with QR codes
DHS says Russia "continues to target" and gain access to critical
infrastructure in the United States, but Russia does not limit itself to
conducting cyber operations just in the U.S.

The bulletin says in 2015 and 2016, Russian military intelligence assets
launched a cyberattack against Ukraine's power grid. Although the bulletin
doesn't mention it, Ukrainian officials most recently pointed the finger at
Russia for another cyber outage, shutting down government websites.

Homeland Security Secretary Alejandro Mayorkas told reporters last week
that the United States is on a "heightened alert" for cyberattacks given
"geopolitical landscape."

He told reporters at the U.S. Conference of Mayors on Thursday that it is
"difficult to calibrate the likelihood" of something happening.

"The whole point is, when the specter of harm arises, we call for vigilance
and quite frankly, in the cybersecurity arena. ever present vigilance is
what we call for," he said.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20220124/1a5f43d3/attachment.html>