WA companies prepare as threat of Russian cyberattacks increases
SEATTLE – As major American businesses prepare for possible Russian-led cyberattacks, some Northwest information security experts are raising an alarm while others argue many companies are already prepared.
Barbara Endicott-Popovsky, director for University of Washington’s Center for Information Assurance and Cybersecurity, expects most Americans can’t imagine the cost of cyberwarfare, and warns that America’s water systems, electric grid and utility systems are at high risk. BECU credit union said Thursday it “increased our actions” to protect information through system scanning, monitoring, alerting and threat management.
But, Rob Lee, chief curriculum director and faculty lead at the information security cooperative Sans Institute, said most companies are prepared and now need to “batten down the hatches,” while WaFd Bank said it is confident in its “standard strategy,” and doesn’t expect most Washington residents would feel direct effects of a digital attack.
“There are certain macroeconomic factors that will impact their day to day life – we’ll see surges in gas prices and the increased strain on the supply chain because of what’s going on,” said David Wolf, the chief information security officer at Washington Federal. “But when it comes to the personal identity or the sensitive data of Washington citizens, I wouldn’t recommend that they be any more worried today than they were a couple of years ago.”
Following a Russian invasion of Ukraine and a pledge to enact “consequences” for any country that got involved, companies were on high alert for cyberthreats in retaliation to sanctions imposed by the United States and other countries Thursday.
Federal officials have not detected any credible threats to critical infrastructure, and President Joe Biden said the U.S. is “prepared to respond,” but the Department of Homeland Security is warning most organizations are at risk.
The Cybersecurity and Infrastructure Security Agency, part of DHS, has advised “all organizations – regardless of size – adopt a heightened posture when it comes to cybersecurity and protecting their most critical assets.”
That could include designating a crisis response team, testing backup procedures and lowering the threshold for reporting and responding to potential cyberincidents. Companies that work with Ukrainian organizations should take extra care, the agency recommended.
Disabling or destroying critical infrastructure, like power or communications systems, can put pressure on a country’s government, military and residents, the agency explained.
“The internet is an unregulated war zone, and it has been that way for years,” Endicott-Popovsky said.
That’s not a new tactic for Russia. It has been using Ukraine as a “cyberattack playground” for several years, said Wolf from WaFd. Hackers from Russia are linked to the Colonial Pipeline hack in May that temporarily cut off most of the East Coast from fuel.
Globally, ransomware volume increased 232% in the last two years, according to an annual report from internet security company SonicWall.
It reported there were more than 623 million ransomware attacks in 2021. New types of malware detected also increased 65% year over year, SonicWall found.
Cyberevents tend to track closely with geopolitical events, said Lee, from the Sans Institute. That means if Russia reacts to the new sanctions with some stern statements, something could “flare up.”
“You can tell where things are heading based on the back and forth,” Lee said. “There’ll be warning.”
Small- and medium-sized businesses aren’t likely to be the first targets, Lee said, but they are also the most likely to be strapped for resources to respond.
The cyberattacks would most likely target three industries where a stop to service would have immediate impacts, Lee said: health care, finance and energy.