On March 8, President Biden announced that the US will no longer import any energy from Russia — dealing the Kremlin a major economic blow. Now, experts say it's likely that Russia could retaliate. And one of the ways it could hit the West back is with cyberattacks. Quick reminder: Russia has gone all-in on upping their cyber capabilities over the past few years. And Russian hackers have even not-so-subtly attacked US infrastructure already. (See: this, this, and this).
To break down this threat — and the next potential stage of this war — our “Skimm This” team spoke with Nicole Perlroth. She’s a cybersecurity journalist, an advisor to the US Cybersecurity and Infrastructure Security Agency, and the author of “This Is How They Tell Me The World Ends.” Listen to the interview — or scroll down to read more — below.
“[The attacks against Ukraine have] been much more lightweight than we expected. We expected Russia to do a repeat of what they did in 2015, 2016 — when they actually used cyber tools to turn off the power in western Ukraine and then later in Kiev, but we haven't seen that. Instead, what we've seen is sort of lower-level sabotage.
“The first thing they did was they launched what's called a denial of service attack, where they flooded banks, and some government agencies, with junk web traffic so that you couldn't access the websites or, in some cases, people couldn't access the ATM.
“Then we caught them installing what's called wiper malware on a number of Ukraine government ministries and agencies. Wiper malware is actually what North Korea used on Sony. What it does is it just erases your data, but its impact is that it can really paralyze your operation. So far the cyberattacks have been relatively contained. It's not what we thought it would be. ”
“Russia understands that the United States and the West have a very soft underbelly when it comes to cyber. We have basically automated and digitized our entire economy. Critical infrastructure like pipelines, aviation systems, railways, banks, you name it…And all that digital connectivity allows for an attacker to basically sabotage systems remotely.
“If you look at some of the cyberattacks Russia's conducted over the last decade, we've seen them hack energy and oil companies, pipelines…So in many cases, we know they have access. We also know that they have the capabilities to shut these systems down. The only thing they haven't had was the geopolitical impetus to actually pull the trigger on these things.
“And that's why people who have been covering Russia, cyberattacks, and their capabilities understand just how vulnerable we are here…We know that if pushed into a corner, this is the most likely way Russia would respond.
“When you think about it, it's a huge psychological weapon. I think ultimately it's inevitable that he [Russian President Vladimir Putin] will start pushing the button on some of these capabilities.”
“This is where it's really important to listen to Putin's words on sanctions. Over the last couple of weeks, it was ‘we don't care, we're prepared.’ But then…he actually called it a declaration of war. So, if it's a declaration of war, how would he respond?"
“We are, I still believe, the top dog when it comes to cyber offense. The sophistication of the cyberattacks the US has pulled off in the past against Iran, in particular, nobody has come close to that level of sophistication. [But] the US is now one of the most frequently targeted nations on Earth by cyberattacks.
“We saw — just in last year alone — what cyber criminals were doing. They hit Colonial Pipeline. They hit our hospitals. They hacked into our water treatment facilities. They didn’t get as far as actually causing harm, but it gives you a sense of just how vulnerable the US is.
“And really we're dealing with this structural challenge, which is 80% of America's critical infrastructure — water power pipelines, dams, telecom banking — is in private hands…But they have no rules mandating that they secure it. And that means we're very vulnerable.
“Scandinavian countries are very much digitized…But they have a very low rate of successful attacks to total number of attacks…That’s because they had these very comprehensive, strong, national cybersecurity policies and laws that had real sticks for companies that operate critical systems. If they didn't use two-factor authentication, they didn't encrypt sensitive data, if they didn't have antivirus installed, if they didn't log what was happening on their network, they were fined.
“So those laws work, but here in the US, anytime we've attempted to even do half of that, it gets killed by lobbyists. So the lesson is that in this space, cyber laws work.”
“Get a chief information security officer if you don't have one. And then empower that person and do whatever they say, give them whatever budget they need. The main thing is that people need to understand that enterprises need to be logging what's happening on their network and searching for suspicious activity so they can report it and shut it down.
“And then it's the bare basics, which is cyber hygiene. Use a password manager. Turn on two-factor authentication. Wherever you can, run phishing exercises with your employees so they're not clicking on phishing. I know that sounds really basic, but 80% of ransomware attacks happen through some combination of phishing and a lack of two-factor authentication.
PS: For more of our conversation with Nicole Perlroth, check out our “Skimm This” episode.
Still have more questions about the conflict? We've got you covered with...
The Daily Skimm. Sign up to get the latest news on what's happening in Ukraine in your inbox every morning.
"Skimm This." Listen to our news podcast for expert context on the crisis.
Our Q&A on everything that’s going on with the Russia-Ukraine war, from the countries’ histories to how sanctions are impacting both Russia’s and the US’s economies.
Expert advice on what to do if the conflict is weighing on you.
Skimm'd by Hannah Parker, Alex Carr, and Maria McCallen
Sign up for the Daily Skimm email newsletter.
Delivered to your inbox every morning and prepares you for your day in minutes.
As society continues to digitize, cybercriminals are looking for new ways to disrupt tech, steal information, and extort money from companies and people. We Skimm’d how hackers use ransomware to cause some of the biggest data breaches seen in modern history. And how you can protect yourself from them.
From skirting sanctions to soliciting donations, here’s how both sides are leveraging crypto in this conflict.
The war might look far away on a map, but the economic impacts are actually quite close to home.