US Moves Cyber Defences To High Alert

As the war escalates between Russia and Ukraine, the US Department of Homeland Security (DHS) has published a warning to businesses to be on high alert for Russian cyber attacks and so has the UK’s National Cyber Security Centre (NCSC). 

Russian-directed cyber attacks against the US are now being considered an imminent possibility by the US government. 

US cyber security officials are urging federal agencies and large organisations to remain vigilant against the threat of Russian cyber attacks amid the country’s ongoing invasion of Ukraine. 

The DHS has been designated as the lead federal agency managing the domestic response to the Russia-Ukraine crisis in the wake of warnings about potential cyber attacks on the US and ongoing disinformation campaigns. Over twenty senators from both parties want to know more about how the DHS and its component agencies are proactively working to harden the digital defences of the federal government and critical infrastructure.

The White House Press Secretary Jen Psaki recently said the US was prepared to respond to any cyberattack launched against critical infrastructure or companies. “In terms of the financial impact, as I said, these are the most impactful and significant sanctions the US has ever taken.  But financial sanctions are just one part of our response... We’re also unveiling today an expansive and unprecedented set of export restrictions developed in historically close coordination with the European Union, Australia, Japan, Canada, New Zealand, the United Kingdom, and Taiwan. 

The new measures include sweeping restrictions on Russian military end users to limit Putin’s military capabilities and to deny exports to Russia of sensitive modern technology, primarily in the defence, aerospace and maritime sectors. 

“In total, the United States and our partners will effectively be cutting off more than half of all high-tech imports going into Russia.  This includes curbing Russia’s access to advance semiconductors and other foundational technologies that Russia needs to diversify and modernise its economy.,” Psaki said recently.

In a letter to Secretary of Homeland Security Alejandro Mayorkas, US senators have requested a briefing about what DHS is doing to protect agencies,  businesses and core services like electricity and Internet that Americans rely on. “Given Russia’s history of disruptive cyber and disinformation activities, we are concerned that the United States may be targeted in retaliation for actions taken to impose costs on Russia for its unprovoked invasion of Ukraine,” the senators wrote.  

The department of the DHS agency most responsible for this task, the Cybersecurity and Infrastructure Security Agency (CISA), has been warning the public for months while putting out actionable guidance for hardening systems and meeting with companies from vulnerable critical infrastructure sectors to coordinate further defenses. 

While the agency has announced caution and is monitoring the different malware that have been used in Ukraine, CISA Director Jen Easterly and others have also emphasised that there is no credible intelligence about an impending hacking campaign right now.

  • US Senators want to know what strategy is in place if US critical infrastructure is targeted by Russian hackers and how the agency is prioritising the most at-risk organisations or sectors for technical support. 
  • They also want to know what advice is being sent out throughout the US, particularly for smaller businesses that may lack dedicated IT or cyber security executives and who aren’t part of the Joint Cyber Defense Collaborative, CISA’s department for engaging with the private sector.
  • While CISA and DHS are focused on internal US defenses, the senators also want an update on what is being done to coordinate with NATO allies and Ukraine.

While social media companies have become under significant pressure to get to grips with coordinated state disinformation campaigns on their platforms, US lawmakers want to know how the invasion of Ukraine may have altered or augmented Russia’s disinformation strategy and how DHS is responding.  

The White House:     DHS:      CNN:    Washington Post:    Time:   The Hill:    SC Magazine

You Might Also Read:

Cyber Attacks May Lead To A “shooting war”:
 

« Two Thirds Of Organisations Are Not Equipped To Deal With Cyber Threats
Only A Few Employees Cause The Majority Of Breaches »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Sonatype

Sonatype

Sonatype protects the world's enterprise software from security, compliance, licensing risks, while reducing application development and deployment time.

Redcentric

Redcentric

Redcentric is a leading UK IT managed services provider. We deliver managed IT, cloud computing, data backup, information security services and managed networks.

Nozomi Networks

Nozomi Networks

Nozomi Networks is a leader in Industrial Control System (ICS) cybersecurity, with a comprehensive platform to deliver real-time cybersecurity and operational visibility.

netfiles

netfiles

netfiles offers highly secure data rooms for sensitive business processes and secure data exchange.

Information Systems Security Partners (ISSP)

Information Systems Security Partners (ISSP)

ISSP is a specialized system integrator focused on the information security needs of its corporate clients and providing best in class products and services for securing organizational information.

Ziroh Labs

Ziroh Labs

Ziroh Labs leverages advanced cryptography to keep your highly sensitive, private data safe throughout the lifecycle of data.

Intrinsyc Technologies

Intrinsyc Technologies

Intrinsyc provides product development services and Edge Computing modules that are helping to take the Internet of Things products to the next level.

Vaadata

Vaadata

Vaadata are experts in ethical hacking. We secure your web, mobile and IoT platforms.

Silicon Cloud International

Silicon Cloud International

Silicon Cloud is a high performance and secure cloud computing platform for engineering and scientific applications.

eSec Forte Technologies

eSec Forte Technologies

eSec Forte Technologies is a CMMI Level-3 ISO 9001-2008, 27001-2013 certified global consulting and implementation company focused on Information Security and Cyber Security.

Kocho

Kocho

Kocho (formerly TiG) is a provider of identity and access, cyber security, cloud transformation, and managed IT services.

Akito

Akito

Akito was set up to become a point of reference in the ICT market for issues related to Security and in particular Cyber Security.

Secure Diversity

Secure Diversity

Secure Diversity is an innovative non-profit organization with leaders that think out of the box to create strategies & solutions to increase diversity in the cybersecurity industry.

Saudi Information Technology Company (SITE)

Saudi Information Technology Company (SITE)

SITE is a forward-thinking enterprise, which aims at revitalizing Saudi Arabia’s digital infrastructure, cybersecurity, software development, and big data and analytics capabilities.

AdviserCyber

AdviserCyber

AdviserCyber provide Cybersecurity and Compliance Solutions for Registered Investment Advisers.

CyberAI Group

CyberAI Group

CyberAI's mission is to pioneer the evolution of the cybersecurity landscape globally, by strategically acquiring and elevating IT consulting firms into leaders of cybersecurity innovation.