The U.S. imposed new sanctions on Russia on Wednesday. Now, there are fears Russia may retaliate with cyberattacks.
The American government is on high alert for possible ransomware attacks.
This week, an FBI cyber official warned businesses and local governments they should be on the lookout for such attacks.
U.S. agencies also issued a similar warning to banks, according to CNN.
The warning comes as President Joe Biden announced a round of sanctions on Russia on Tuesday, including sanctions on Russian banks.
There are other assets that belong to the U.S. that could also be in jeopardy of an attack.
Ukraine depends on American commercial satellites to get spy imagery.
Experts fear Russia may target those satellites.
Ukraine’s internet access already began to suffer this week before Russia officially invaded the country.
On Thursday, websites belonging to Ukraine’s defense, foreign and interior ministries were slow to load and sometimes unreachable.
Experts describe this as a series of distributed-denial-of-services (DDoS) attacks, which are malicious attempts to disrupt the traffic of a target server or network.
The attacker will overwhelm the server or network with a flood of internet traffic, according to Cloudflare.
Ukrainian government contractors working in Latvia and Lithuania were also affected by malware attacks, Symantec Threat Intelligence confirmed.
Cybersecurity experts believe Russia has been planning these cyberattacks for months.
Russia has also previously attacked U.S. infrastructure.
One attack happened as recently as 2020, when Russian hackers infiltrated several government agencies after they compromised software from SolarWinds, an IT management software company based in Texas.
The breach affected systems used by the U.S. Treasury Department, as well as the Energy and Commerce departments, and other government agencies.
A month later, the federal government — both the White House and the FBI — issued warnings to all American businesses about potential and likely cybersecurity threats relating to the current international climate stemming from Russia’s invasion.
The Virginia Association of Broadcasters (VAB) said those in media are already subject to ongoing threats of cyberattacks. They say the fact that the public relies on broadcasters to disseminate emergency information and other news only increases the likelihood that the media will be targeted.
According to the federal government, there are eight key steps that all businesses should take immediately to protect themselves from the current threat (as well as all other cyber threats). These steps are memorialized in a recent White House “Fact Sheet. Additional useful information is available in a recent FBI release.
Here are the eight steps recommended by federal government cybersecurity experts:
- Mandate the use of multi-factor authentication on your systems to make it harder for attackers to get onto your system;
- Deploy modern security tools on your computers and devices to continuously look for and mitigate threats;
- Check with your cybersecurity professionals to make sure that your systems are patched and protected against all known vulnerabilities, and change passwords across your networks so that previously stolen credentials are useless to malicious actors;
- Back up your data and ensure you have offline backups beyond the reach of malicious actors;
- Run exercises and drill your emergency plans so that you are prepared to respond quickly to minimize the impact of any attack;
- Encrypt your data so it cannot be used if it is stolen;
- Educate your employees to common tactics that attackers will use over email or through websites, and encourage them to report if their computers or phones have shown unusual behavior, such as unusual crashes or operating very slowly; and
- Engage proactively with your local FBI field office or CISA (Cybersecurity & Infrastructure Security Agency) Regional Office to establish relationships in advance of any cyber incidents. Please encourage your IT and Security leadership to visit CISA’s and the FBI’s websites to find technical information and other useful resources.
In particular, CISA has launched a new “SHIELDS UP" resource page with detailed cybersecurity guidance for businesses to consider employing, and the FBI’s cyber threat web resources are updated regularly.
The National Association of Broadcasters has made various cybersecurity resources available on its website, including some free resources for members and non-members alike.
