US Moves Cyber Defences To High Alert

Uploaded on 2022-03-22 in TECHNOLOGY--Resilience, INTELLIGENCE--USA, GOVERNMENT-National, FREE TO VIEW

As the war escalates between Russia and Ukraine, the US Department of Homeland Security (DHS) has published a warning to businesses to be on high alert for Russian cyber attacks and so has the UK’s National Cyber Security Centre (NCSC). 

Russian-directed cyber attacks against the US are now being considered an imminent possibility by the US government. 

US cyber security officials are urging federal agencies and large organisations to remain vigilant against the threat of Russian cyber attacks amid the country’s ongoing invasion of Ukraine. 

The DHS has been designated as the lead federal agency managing the domestic response to the Russia-Ukraine crisis in the wake of warnings about potential cyber attacks on the US and ongoing disinformation campaigns. Over twenty senators from both parties want to know more about how the DHS and its component agencies are proactively working to harden the digital defences of the federal government and critical infrastructure.

The White House Press Secretary Jen Psaki recently said the US was prepared to respond to any cyberattack launched against critical infrastructure or companies. “In terms of the financial impact, as I said, these are the most impactful and significant sanctions the US has ever taken.  But financial sanctions are just one part of our response... We’re also unveiling today an expansive and unprecedented set of export restrictions developed in historically close coordination with the European Union, Australia, Japan, Canada, New Zealand, the United Kingdom, and Taiwan. 

The new measures include sweeping restrictions on Russian military end users to limit Putin’s military capabilities and to deny exports to Russia of sensitive modern technology, primarily in the defence, aerospace and maritime sectors. 

“In total, the United States and our partners will effectively be cutting off more than half of all high-tech imports going into Russia.  This includes curbing Russia’s access to advance semiconductors and other foundational technologies that Russia needs to diversify and modernise its economy.,” Psaki said recently.

In a letter to Secretary of Homeland Security Alejandro Mayorkas, US senators have requested a briefing about what DHS is doing to protect agencies,  businesses and core services like electricity and Internet that Americans rely on. “Given Russia’s history of disruptive cyber and disinformation activities, we are concerned that the United States may be targeted in retaliation for actions taken to impose costs on Russia for its unprovoked invasion of Ukraine,” the senators wrote.  

The department of the DHS agency most responsible for this task, the Cybersecurity and Infrastructure Security Agency (CISA), has been warning the public for months while putting out actionable guidance for hardening systems and meeting with companies from vulnerable critical infrastructure sectors to coordinate further defenses. 

While the agency has announced caution and is monitoring the different malware that have been used in Ukraine, CISA Director Jen Easterly and others have also emphasised that there is no credible intelligence about an impending hacking campaign right now.

  • US Senators want to know what strategy is in place if US critical infrastructure is targeted by Russian hackers and how the agency is prioritising the most at-risk organisations or sectors for technical support. 
  • They also want to know what advice is being sent out throughout the US, particularly for smaller businesses that may lack dedicated IT or cyber security executives and who aren’t part of the Joint Cyber Defense Collaborative, CISA’s department for engaging with the private sector.
  • While CISA and DHS are focused on internal US defenses, the senators also want an update on what is being done to coordinate with NATO allies and Ukraine.

While social media companies have become under significant pressure to get to grips with coordinated state disinformation campaigns on their platforms, US lawmakers want to know how the invasion of Ukraine may have altered or augmented Russia’s disinformation strategy and how DHS is responding.  

The White House:     DHS:      CNN:    Washington Post:    Time:   The Hill:    SC Magazine

You Might Also Read:

Cyber Attacks May Lead To A “shooting war”:
 

« Two Thirds Of Organisations Are Not Equipped To Deal With Cyber Threats
Only A Few Employees Cause The Majority Of Breaches »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

QTS

QTS

QTS Realty Trust, Inc. is a leading provider of secure, compliant data center, hybrid cloud and managed services.

Cofense

Cofense

Cofense (formerly PhishMe) is a leading provider of human-driven phishing defense solutions.

Snyk

Snyk

Snyk is the leader in developer security. We empower the world’s developers to build secure applications and equip security teams to meet the demands of the digital world.

Randori

Randori

Randori is an attack platform that provides "red-teaming" as a service - basically, staging simulated hack attacks to test for vulnerabilities and gaps in the security response.

GMV

GMV

GMV is a technological business group offering solutions, services and products in diverse sectors including Intelligent Transportation Systems, Cybersecurity, Telecoms and IT.

Enet 1 Group1

Enet 1 Group1

Enet 1 Group audits, assesses, recommends, and delivers tested solutions for the ever-increasing threats to your critical systems and digital assets

Cyway

Cyway

Cyway is a value-added cybersecurity distributor focusing on on-prem, cloud solutions and hybrid solutions, IoT, AI & machine learning IT security technologies.

Secmation

Secmation

Secmation are an agile engineering services firm providing advanced DoD level security design and consultation services for both commercial and defense hardware and software applications.

Curity

Curity

The Curity Identity Server brings identity and API security together, enabling highly scalable and secure user access to digital services.

Lumifi

Lumifi

Lumifi provide end-to-end cybersecurity resilience solutions with a specialty in managed detection and response (MDR) services.

Avalor

Avalor

Avalor are on a mission to help security teams make faster, more accurate decisions by making sense of their data. With Avalor you can bring in data from anywhere, normalize it and analyze it.

iNovex

iNovex

iNovex is a community of innovators that work together to solve hard problems. We partner with you to meet problems head-on and push boundaries with technology solutions.

Cura Technology

Cura Technology

Cura Technology offers a wide array of security solutions meticulously designed to address specific facets of your security requirements.

Dryad Global

Dryad Global

Dryad Global offers a comprehensive suite of maritime intelligence solutions, including a best-in-class situational awareness, planning and security system and industry-leading cyber protection tools.

RELIANOID

RELIANOID

RELIANOID is an application delivery controller and load balancing system that ensures high performance and security of IT services on a massive scale.

Deimos

Deimos

Deimos is a technology, cloud, hybrid and multi-cloud focused, professional services company. Our expertise and focus is on cloud native Developer and Security Operations.