The standoff with Ukraine is causing several security-related ripples. First, the Department of Homeland Security has warned that the U.S. response to a possible Russian invasion could result in a cyberattack launched against the U.S. by the Russian government or its proxies. This is more than simply any background noise of constant threat, but instead a point of leverage the Russian government may use in relations with the rest of the world.
And, it’s’ becoming clear that cyber-activists, who are opposed to the president of Belarus, are hacking the state-run railway’s computer system and threatening to paralyze trains moving Russian troops and artillery to the country for a potential attack on Ukraine. The goal — “indirectly affect Russia troops movement.” Per deep-dive review by CyberScoop, it’s unclear how successful the group has been, although the group itself claims success.
Bloomberg Law is reporting concern over the ability of the US government to respond by the delayed deployment of a planned board to review significant incidents and make security recommendations. The Cyber Safety Review Board is modeled after the existing National Transportation Safety Board, which investigates plane crashes and other transportation accidents, and was directed in last year’s Executive Order. The cyber board is charged with examining incidents and drawing lessons to inform U.S. government policies and practices, and it hasn’t launched yet.
NBC News highlights a new ransomware tactic – hackers calling those whose data have been compromised. An example is parents of a hacked Dallas school system who threatened to expose their data after the district was breached.
Breaches overall are even higher — the2021 Annual Data Breach Report published by the Identity Theft Resource Center (ITRC) on Monday, the overall number of data compromises (1,862) is up more than 68% compared to 2020 (1,108). Out of the 1,862 compromises, 1,600 of those were cyberattacks.
NIST has issued its newest and final copy for assessing internal IT security. The document “Assessing Security and Privacy Controls in Information Systems and Organizations” focuses on helping entities manage cybersecurity risks across their networks. Guidelines included in the final draft emphasize improving organizational assessments of current cybersecurity infrastructure, promoting better cybersecurity awareness among users, enabling cost-effective security assessment procedures and privacy controls, and creating reliable security information for executives.
Why do we care?
Cybersecurity earlier in the week was a kitchen table issue, as pushed by CISA… but today, the news is a lot more nation-state. The prediction of a G20 nation retaliating to cyber with physical attacks is playing out in inverse already – physical attacks resulting in cyber ones. It’s happening in Belarus, and the DHS is clearly warning Americans it may happen in the US.
That’s why we care – anyone in the critical infrastructure of any kind had better be on high alert right now.