US Officials and Cyber ​​Security Experts Sound the Alarm Over Potential Russian Cyber ​​Attacks

US Officials and Cyber ​​Security Experts Sound the Alarm Over Potential Russian Cyber ​​Attacks

Cyber ​​security expert Tony Chiappetta has been closely watching the war in Ukraine, worried about the new battlefield threatening the US.

“It is something that Russia has not only talked about, but has demonstrated its capabilities,” Chiappetta told 5 EYEWITNESS NEWS.

Chiappetta said that for more than twenty years, his White Bear Lake company, CHIPS, has investigated more than 2,000 incidents related to malware and other cyber problems.

But now, with the war raging for more than two months, that new battlefield uses weapons including keyboards, monitors and malware.

Chiappetta says that when it comes to Russian hackers, it’s not a question of if, but when.

Does this keep you up at night?

“You know he does. You look at the infrastructure and you see how vulnerable it is,” Chiappetta said. “They have come up with things called disc wipers, which are not meant to fetch a ransom like you often hear about on the news, but are meant to destroy. These types of malware are being actively used and there is no geographic border per se with that technology.”

He is not the only one sounding that warning.

John Vandegrift, a cybersecurity expert at the University of Minnesota, said that months before a single shot was fired in Ukraine, Russian hackers broke into electrical installations and caused massive blackouts during the winter cold.

“Russia is using that as part of their war,” he said in an interview. “Before they invaded Ukraine, they attacked the infrastructure. Some of the power grids were shut down. I think it was several hundred thousand Ukrainians who were left without power for a period of time.”

Just a few weeks ago, the Biden administration sounded the alarm.

The Cyber ​​Security and Infrastructure Security Agency (CISA) launched a campaign called ‘Shields Up’.

In a report published on April 20, CISA said that the Russian invasion of Ukraine could include malicious cyber activity against the US, including in response to economic sanctions against Russia by the US and its allies.

“Evolving intelligence indicates that the Russian government is exploring options for potential cyberattacks,” the report says. “All organizations, large and small, must be prepared to respond to disruptive cyber incidents. As the nation’s cyber defense agency, CISA stands ready to help organizations prepare for, respond to and mitigate the impact of cyber attacks.”

CISA says it is focused on protecting vital infrastructure, including the power grid, the financial sector, transportation and communications.

“If you wake up one day and you can’t use your cell phone, you can’t turn on the lights, you can’t get water out of the sink, you know, that’s going to shake things up … and infrastructure like that is everywhere,” Chiappetta explained.

CISA says the report is not just for US businesses, but for anyone who buys gasoline, goes to the grocery store or uses an ATM.

“I’m sure activity has increased since the Ukraine conflict,” says Pam Houg, office manager for the Minnesota Council of Health Plans.

We ask if you think the business world is prepared for a Russian cyberattack.

“No, not all of them,” Houg notes. “Because it takes foresight and planning to set up a good cybersecurity system.”

The council is a trade association for nonprofit health plans in Minnesota, covering thousands of people statewide.

“Our health plans need a broad level of protection due to privacy laws and HIPAA,” says Houg. “I know that we have been attacked several times in one day.”

After a phishing attack several years ago, he says Chiappetta, his IT security provider, introduced him to a software application called AppGuard, which disrupts malware.

Houg says he is confident his computer networks are safe and secure, but adds that his firewalls face up to 30 attacks a day.

“Of course, Russia and other countries, especially China, are out there trying to meddle in our system every day,” he says. “As soon as they find a vulnerability, they will block it, identify it, and see how they can exploit it.”

John Higginbotham, the inventor of AppGuard, says the software is pretty simple.

“It’s like a vaccine for your computer,” he explained. “It is not based on violations or threats. It’s actually integrating itself into the operating system and cyber stealing processes in a way that unauthorized outside forces can’t change those processes.”

Higginbotham says Shields Up is at least educating people about the Russian threat.

However, he says the complexity and age of US infrastructure make it difficult to defend.

“The pipelines, the water treatment facilities, the traffic lights, the power grids and all of that has been built over two, three, four decades,” he says. “It’s just a challenge to block all the vulnerabilities in an overall network on a national, regional and global scale.”

CISA says there are several things you can do to strengthen your cyber security, including multi-factor authentication on your accounts and updating software and operating systems on cell phones, tablets and laptops.

The agency says that multi-factor authentication must also be applied at the corporate level and that it must be confirmed that IT has “disabled all ports and protocols that are not essential for business purposes.”

CISA says that more than 90% of successful cyberattacks start with a single phishing email.

But experts say make no mistake: Russian hackers are already at work.

“There are several phases to a breach, and the first is reconnaissance,” says Vandegrift. “The collection of information and the survey”.

“They will go and try to identify their targets, learning about them,” adds Chiappetta. “Even going as far as mapping a target’s network so they know when they’re ready to go. They disable backups, bypass those protections instead, for maximum devastation, whatever their goal.”

You can find more information about CISA here.

Leave a Comment