On April 20, the National Security Agency (NSA), Cybersecurity and Infrastructure Security Agency (CISA), and the FBI issued a joint advisory with the Five Eyes’ cyber intelligence services.
The advisory provides businesses and organizations with technical details on “malicious cyber operations” by the Russian intelligence services.
Moscow has relied on its intelligence services for its cyber work. The Russian Federal Security Service (FSB), Russian Foreign Intelligence Service (SVR), Russian General Staff Main Intelligence Directorate (GRU), and Russian Ministry of Defense, Central Scientific Institute of Chemistry and Mechanics (TsNIIKhM) have been conducting offensive cyber operations against the U.S. and the West for years.
But the Kremlin has been shrewdly outsourcing its dirty cyber work to cyber threat groups and cyber crime groups that on the surface have nothing to do with the Russian government. This clever arrangement offers Moscow and Russian President Vladimir Putin plausible deniability.
“We know that malicious cyber activity is part of the Russian playbook. We also know that the Russian government is exploring options for potential cyberattacks against U.S. critical infrastructure. Today’s cybersecurity advisory released jointly by CISA and our interagency and international partners reinforces the demonstrated threat and capability of Russian state-sponsored and Russian aligned cyber-criminal groups to our Homeland,” CISA Director Jen Easterly said in a press release.
The CISA director went on to urge all organizations to visit the agency’s website and review the latest guidance in the advisory on how to protect themselves and their business.
Russia and its security services are well-known for their advanced cyber capabilities. It was, after all, Russian cyber operators that hacked and interfered in the 2016 U.S. presidential election.
Thus far in the war, the Kremlin has largely held back its cyber capabilities. Of course, that is not to say that the Russians haven’t used their cyber weapons at all. Ukraine has repeatedly been attacked by Russian cyber operators. However, the great cyber Armageddon that many expected hasn’t materialized—at least not yet.
In addition to the U.S. intelligence agencies, the Australian Cyber Security Centre (ACSC), Canadian Centre for Cyber Security (CCCS), National Cyber Security Centre New Zealand (NZ NCSC), and the British National Cyber Security Centre (NCSC-UK) and National Crime Agency signed the warning.
A Call To Arms
U.S. President Joe Biden had already warned the American business and tech communities of the danger of Russian cyberattacks.
In late March, the White House issued a fact sheet on how to fend off Russian cyberattacks, which were thought to be very likely.
“This is a critical moment to accelerate our work to improve domestic cybersecurity and bolster our national resilience. I have previously warned about the potential that Russia could conduct malicious cyber activity against the United States, including as a response to the unprecedented economic costs we’ve imposed on Russia alongside our allies and partners. It’s part of Russia’s playbook. Today, my Administration is reiterating those warnings based on evolving intelligence that the Russian Government is exploring options for potential cyberattacks,” President Biden had said.
Cyberattacks can cripple a nation’s critical infrastructure and mess up a business’ dealings with equal ease.
“If you have not already done so, I urge our private sector partners to harden your cyber defenses immediately by implementing the best practices we have developed together over the last year. You have the power, the capacity, and the responsibility to strengthen the cybersecurity and resilience of the critical services and technologies on which Americans rely. We need everyone to do their part to meet one of the defining threats of our time — your vigilance and urgency today can prevent or mitigate attacks tomorrow,” Biden had said.
1945’s New Defense and National Security Columnist, Stavros Atlamazoglou is a seasoned defense journalist specializing in special operations, a Hellenic Army veteran (national service with the 575th Marine Battalion and Army HQ), and a Johns Hopkins University graduate. His work has been featured in Business Insider, Sandboxx, and SOFREP.