The US Cybersecurity and Infrastructure Security Agency (CISA) warned nations’ defenders yesterday against disruptive and defacement attacks today.
These, the agency said on Thursday, may spur from attempts to sow chaos and societal discord on the anniversary of Russia’s 2022 invasion of Ukraine.
“In response to the heightened geopolitical tensions resulting from Russia’s full-scale invasion of Ukraine, CISA maintains public cybersecurity resources, including Shields Up,” the blog post reads.
According to Zac Warren, chief security advisor of EMEA at Tanium, moving forward, the industry will witness additional cyber activity as a preemptive activity to physical war.
“There were plenty of cyber-attacks coming from Russia to Ukraine and other countries, including NATO,” Warren told Infosecurity in an email.
“This shift makes it critical that we look at critical infrastructure on a global scale, as many countries are when it comes to their cyber-hygiene.”
More generally, Warren said several points in critical infrastructure could be quickly taken out or slowed down by a cyber-attack.
“The conflict in Ukraine demonstrated that cyber is now the starting point for modern warfare, and it’s high time we prepare for the realities of future conflict.”
Phil Neray, VP of cyber defense strategy at CardinalOps, echoed Warren’s point, adding that the reason recent attacks haven’t caused more widespread damage is that Ukraine has considerably improved its continuous security monitoring capabilities in the past few years.
“They also moved their critical data from on-premises servers to the cloud, where it could be better protected,” Neray told Infosecurity in an email.
“Gaining more high-fidelity detections at all security layers (endpoint, network, email, IAM, cloud, etc.) — and moving to the cloud — are the key lessons we can take from the past year.”
The anniversary of the Russian invasion of Ukraine comes days after Google published a report outlining Russia’s cyber strategy in the conflict.