The Next Russian Cyberattacks Will Be More Damaging

The British Prime Minister Theresa May has pledged £15m to strengthen cybersecurity defences at an “intelligence partners” summit with the leaders of Canada, Australia and New Zealand, who make up the "Five Eyes" security alliance with the UK and US.

Speaking at the National Cyber Security Centre in London last month, the Prime Minister said: "Russia is using cyber... as part of a wider effort to attack and undermine the international system."

"Its interference over the past year has included attacks on the public sector, media, telecommunications, and energy sectors."

On March 15, the Department of Homeland Security together with the FBI announced that Russian government hackers infiltrated critical infrastructures in the US, including “energy, nuclear, commercial facilities, water, aviation, and critical manufacturing sectors.”

According to the DHS-FBI report, malicious Russian activities have been ongoing since at least March 2016. The Russian malware, which has been sitting in the control systems of various US utilities, allows the Russians to shut off power or sabotage the energy grids. And they have done it before:

The same malware that took down Ukraine’s electrical grid in 2015 and 2016 has been detected in US utilities. The potential damage of a nationwide blackout, let’s say on Election Day, would be significant, to say the least. And while Russian trolls and bots have captured public attention, they are already yesterday’s game.

The disinformation tools used by Moscow against the West are still fairly basic: They rely on exploiting human gullibility, vulnerabilities in the social media ecosystem, and lack of awareness among the public, the media, and policymakers.

In the very near term, however, technological advancements in artificial intelligence and cyber capabilities will open opportunities for malicious actors to undermine democracies more covertly and effectively than what we have seen so far.

Increasingly sophisticated cyber-tools, tested primarily in Ukraine, have already infected Western systems, as evidenced by the DHS-FBI report. An all-out attack on Western critical infrastructure seems inevitable.
 
Lessons from Ukraine

In the West, Russia’s cyber-attacks so far have been at the service of its disinformation operations: stolen data used to embarrass individuals, spin a narrative, discredit democratic institutions and values, and sow social discord.

This was the pattern Russian operators followed in the United States, France, and Germany during the countries’ 2016–17 elections: hacking email accounts of individuals or campaigns, leaking that stolen information using a proxy (primarily WikiLeaks), and then deploying an army of disinformation agents (bots, trolls, state-controlled media) to disseminate and amplify a politically damaging narrative.

Such cyber-enabled interference falls below the threshold of critical infrastructure attacks of significant consequence that could result in “loss of life, significant destruction of property, or significant impact on [national security interests].”

The nightmare of cyber-attacks crippling critical infrastructure systems still has the sound of science fiction to most Americans. But in Ukraine, this nightmare is real.

As the laboratory for Russian activities, Ukraine has seen a significant uptick in attacks on its critical infrastructure systems since the 2013–14 Maidan revolution.

A barrage of malware, denial-of-service attacks, and phishing campaigns bombards Ukraine’s critical infrastructure environments on a daily basis.

In December 2015, a well-planned and sophisticated attack on Ukraine’s electrical grid targeted power distribution centers and left 230,000 residents without power the day before Christmas. The attackers were able to override operators’ password access to the system and also disable backup generators.

Sources: Brookings Institute, Express
