Did you miss a session at the Data Summit? Watch On-Demand Here.


President Joe Biden warned today that a wave of new Russian cyberattacks against targets in the U.S. could be getting closer. But nearly a month into Russia’s assault on Ukraine, this raises that question: Why now?

And are such attacks potentially coming as a response to sanctions against Russia over Ukraine — or something more?

Cybersecurity industry veteran Mike Hamilton thinks it’s likely to be the latter. And that “something more,” he says, could be the hacking efforts by volunteers such as the Anonymous hacktivist group.

“Part of this may be driven by the pretext that has been provided by an army of volunteers,” said Hamilton, founder and CISO at security firm Critical Insight, and formerly the vice-chair for the DHS State, Local, Tribal and Territorial Government Coordinating Council.

“After Anonymous has gone after pipelines, the Russian space agency, electric vehicle charging stations, broadcast television, and unsecured printers it is credible to claim that this is an aggressive action by the United States and retaliation may be under consideration,” Hamilton said in comments provided via email.

Today, Biden released a statement saying his administration is in possession of “evolving intelligence that the Russian Government is exploring options for potential cyberattacks.”

This has prompted Biden to reiterate previous warnings that “Russia could conduct malicious cyber activity against the United States, including as a response to the unprecedented economic costs we’ve imposed on Russia alongside our allies and partners.”

“It’s part of Russia’s playbook,” Biden said in the statement.

The U.S. federal government has been warning for weeks that Russia may retaliate against the U.S. for the country’s support of Ukraine, and actions taken to impose a financial cost on Russia for its unprovoked assault on its neighboring country.

Blaming the U.S.

Cyber experts, however, have also been suggesting for weeks that there’s a risk of Russia mis-attributing, or otherwise holding the U.S. responsible for, the cyberattacks that hactivists and other Ukraine-supporting hackers have been carrying out against Russia.

“It’s difficult, if not impossible to quickly determine where an attack came from, or who was behind the attack,” said John Dickson, vice president at Coalfire, in a previous email to VentureBeat. “Things can get messy quickly. And the risk of ‘hack back’ cyberattacks from the Russians directed toward the U.S. and west becomes more likely.”

With Biden’s statement today, that likelihood seems to now be higher.

“The language in the announcement by the White House is beginning to edge up on ‘specific and credible’ threats,” Hamilton said — though he said it’s notable that the statement does cite “evolving intelligence.”

“My Administration will continue to use every tool to deter, disrupt, and if necessary, respond to cyberattacks against critical infrastructure. But the Federal Government can’t defend against this threat alone,” Biden said in the statement. “Most of America’s critical infrastructure is owned and operated by the private sector and critical infrastructure owners and operators must accelerate efforts to lock their digital doors.”

For more than a month now, the Cybersecurity and Infrastructure Security Agency (CISA) has been calling on businesses and government agencies to put “shields up” in the U.S. Today, CISA director Jen Easterly said that Biden’s statement “reinforces the urgent need for all organizations, large and small, to act now to protect themselves against malicious cyber activity.”

VentureBeat’s mission is to be a digital town square for technical decision-makers to gain knowledge about transformative enterprise technology and transact. Learn More



Source link