US Moves Cyber Defences To High Alert

As the war escalates between Russia and Ukraine, the US Department of Homeland Security (DHS) has published a warning to businesses to be on high alert for Russian cyber attacks and so has the UK’s National Cyber Security Centre (NCSC). 

Russian-directed cyber attacks against the US are now being considered an imminent possibility by the US government. 

US cyber security officials are urging federal agencies and large organisations to remain vigilant against the threat of Russian cyber attacks amid the country’s ongoing invasion of Ukraine. 

The DHS has been designated as the lead federal agency managing the domestic response to the Russia-Ukraine crisis in the wake of warnings about potential cyber attacks on the US and ongoing disinformation campaigns. Over twenty senators from both parties want to know more about how the DHS and its component agencies are proactively working to harden the digital defences of the federal government and critical infrastructure.

The White House Press Secretary Jen Psaki recently said the US was prepared to respond to any cyberattack launched against critical infrastructure or companies. “In terms of the financial impact, as I said, these are the most impactful and significant sanctions the US has ever taken.  But financial sanctions are just one part of our response... We’re also unveiling today an expansive and unprecedented set of export restrictions developed in historically close coordination with the European Union, Australia, Japan, Canada, New Zealand, the United Kingdom, and Taiwan. 

The new measures include sweeping restrictions on Russian military end users to limit Putin’s military capabilities and to deny exports to Russia of sensitive modern technology, primarily in the defence, aerospace and maritime sectors. 

“In total, the United States and our partners will effectively be cutting off more than half of all high-tech imports going into Russia.  This includes curbing Russia’s access to advance semiconductors and other foundational technologies that Russia needs to diversify and modernise its economy.,” Psaki said recently.

In a letter to Secretary of Homeland Security Alejandro Mayorkas, US senators have requested a briefing about what DHS is doing to protect agencies,  businesses and core services like electricity and Internet that Americans rely on. “Given Russia’s history of disruptive cyber and disinformation activities, we are concerned that the United States may be targeted in retaliation for actions taken to impose costs on Russia for its unprovoked invasion of Ukraine,” the senators wrote.  

The department of the DHS agency most responsible for this task, the Cybersecurity and Infrastructure Security Agency (CISA), has been warning the public for months while putting out actionable guidance for hardening systems and meeting with companies from vulnerable critical infrastructure sectors to coordinate further defenses. 

While the agency has announced caution and is monitoring the different malware that have been used in Ukraine, CISA Director Jen Easterly and others have also emphasised that there is no credible intelligence about an impending hacking campaign right now.

  • US Senators want to know what strategy is in place if US critical infrastructure is targeted by Russian hackers and how the agency is prioritising the most at-risk organisations or sectors for technical support. 
  • They also want to know what advice is being sent out throughout the US, particularly for smaller businesses that may lack dedicated IT or cyber security executives and who aren’t part of the Joint Cyber Defense Collaborative, CISA’s department for engaging with the private sector.
  • While CISA and DHS are focused on internal US defenses, the senators also want an update on what is being done to coordinate with NATO allies and Ukraine.

While social media companies have become under significant pressure to get to grips with coordinated state disinformation campaigns on their platforms, US lawmakers want to know how the invasion of Ukraine may have altered or augmented Russia’s disinformation strategy and how DHS is responding.  

The White House:     DHS:      CNN:    Washington Post:    Time:   The Hill:    SC Magazine

You Might Also Read:

Cyber Attacks May Lead To A “shooting war”:
 

« Two Thirds Of Organisations Are Not Equipped To Deal With Cyber Threats
Only A Few Employees Cause The Majority Of Breaches »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Morgan Lewis Law

Morgan Lewis Law

Morgan Lewis is an international law firm with offices in North America, Europe, Asia, and the Middle East. Practice areas include Privacy and Cybersecurity.

QASymphony

QASymphony

QASymphony software testing and QA tools help companies create better software by improving speed, efficiency and collaboration during the testing lifecycle.

SentryBay

SentryBay

SentryBay is the global leader in preventative endpoint isolation protection. We protect remote, BYOD and corporate endpoints so they can safely and securely connect with your corporate network.

Egyptian Supreme Cybersecurity Council (ESCC)

Egyptian Supreme Cybersecurity Council (ESCC)

ESCC is responsible for developing a national strategy to face and respond to the cyber threats and attacks and to oversee its implementation and update.

Bangladesh Computer Council (BCC)

Bangladesh Computer Council (BCC)

Bangladesh Computer Council (BCC) is a government body providing support for ICT related activities including formulating national ICT strategy and policy.

Leadcomm

Leadcomm

Leadcomm is a Brazilian company focused on the distribution and integration of IT systems and security solutions for large companies.

Next47

Next47

Next47 is a global venture firm, backed by Siemens, committed to turning today's impossible ideas into tomorrow's indispensable industries.

Cryptoloc

Cryptoloc

Cryptoloc's core business is developing solutions designed to protect businesses from all kinds of security threats using a unique patented cryptography.

Cyber Command - Romania

Cyber Command - Romania

Cyber Command represents the military authority responsible for the development, protection and resilience of military IT networks and services that support the Romanian Force Structure.

Liberman Networks

Liberman Networks

Liberman Networks is an IT solutions provider company that provides security, management, monitoring, BDR and cloud solutions.

Shield Capital

Shield Capital

Shield Capital helps founders build frontier solutions in cybersecurity, artificial intelligence, space & autonomy for commercial and government enterprises.

OSC Edge

OSC Edge

OSC was founded with the vision of providing expert solutions in IT to government and businesses. OSC Edge empowers organizations with solutions that prepare them for today and tomorrow.

Segra

Segra

Segra owns and operates one of the nation’s largest fiber networks and provides best-in-class broadband and data security solutions throughout the Southeast and Mid-Atlantic.

SentryMark

SentryMark

Stay a Step Ahead of Emerging Threats. Deviate from the traditional siloed defenses and get the proactive and responsive cybersecurity solutions and services you deserve with SentryMark today.

Maveris

Maveris

Maveris is an IT and cybersecurity company committed to helping organizations create secure digital solutions to accelerate their mission.

Adaptive Security

Adaptive Security

Adaptive is a next-generation cybersecurity platform. We're working with pioneering security teams to protect critical systems from AI-powered cyber attacks.