How much damage could a Russian cyberattack do in the US?

Share This
()
Hackers can get eyes inside systems that are supposed to be secure. Yuichiro Chino via Getty Images

Scott Jasper, Naval Postgraduate School

How much damage could a Russian cyberattack do in the US? U.S. intelligence analysts have determined that Moscow would consider a cyberattack against the U.S. as the Ukraine crisis grows.

As a scholar of Russian cyber operations, I know the Kremlin has the capacity to damage critical U.S. infrastructure systems.

Federal officials have been bracing for this. In January 2022 the U.S. Cybersecurity and Infrastructure Security Agency issued an alert that outlined the Russian cyberattack threat, with technical details of sophisticated Russian-led hacking from recent years. That included a complicated digital break-in that targeted the U.S. energy industry and gained access to the control rooms of U.S. electric utilities. According to Homeland Security officials, the hackers “could have thrown switches” and knocked out power to the public – but did not.

AP THE TREE SUNSHINE Unisex 3/4 sleeve Raglan T-shirt

In mid-February 2022, federal cybersecurity experts met with executives from big U.S. banks to discuss defenses against Russian hacking attempts.

In Ukraine, the Russian offensive began Feb. 23, 2022, with cyberattacks aimed at overloading and shutting down bank and government websites. In addition there were reports of software capable of corrupting data having been secretly installed on hundreds of computers owned by large Ukrainian organizations in the financial, defense and information technology services industries.

That malicious software spilled outside Ukraine – it was found on computers in Lithuania and Latvia – which is reminiscent of the NotPetya attack. In 2017, a piece of malware that initially seemed to be ransomware was unleashed on Ukraine and spread widely, causing more than $10 billion in collateral damage to major international companies. The NotPetya attack was ultimately attributed to a Russian military unit.

U.S. officials have also highlighted that Russian cyberwarriors can gain access and remain undetected for long periods in key systems in the U.S.

Russian Foreign Intelligence Service hackers did this in 2020 when they gained access to SolarWinds software, used by many companies and government agencies to manage their computer networks. After initially breaking into the system, the Russians stayed undetected for seven months, even disabling antivirus software and using stolen login credentials to appear like legitimate users.

This attack gave Russians access inside at least nine U.S. federal agencies and around 100 private companies, many in information technology and cybersecurity.

It’s impossible to be certain there aren’t more Russian government hackers lurking undetected in critical companies and systems in the U.S. And wherever they are, they may have the ability to cause substantial damage.

[Get The Conversation’s most important politics headlines, in our Politics Weekly newsletter.]

Scott Jasper, Senior Lecturer in National Security Affairs, Naval Postgraduate School

This article is republished from The Conversation under a Creative Commons license. Read the original article.

AP COLLECTION

AP Collection The Sun Come Up Tomorrow White 12oz Enamel Mug

 

How useful was this post?

Click on a star to rate it!

Average rating / 5. Vote count:

No votes so far! Be the first to rate this post.

As you found this post useful...

Follow us on social media!

We are sorry that this post was not useful for you!

Let us improve this post!

Tell us how we can improve this post?

Share This

Leave a Reply

Your email address will not be published. Required fields are marked *