Biden Warns of Russia Cyberattack on US Businesses & Economy

The United States Government has warned privately-held American firms about the growing threat of cyberattacks from Russian hackers.

President Biden warned on Monday that Russia is considering launching cyberattacks on the US businesses in revenge for the economic sanctions placed on Moscow for the invasion of Ukraine.

The President advised private sector organizations in the United States to tighten their cybersecurity against a potential Russian breach in a statement released days before he travels to Brussels for a NATO summit.

“It’s part of Russia’s playbook,” President Biden said in the statement. “Today, my administration is renewing those concerns, based on increasing data indicating the Russian government is considering hacking possibilities.”

I’ve previously warned about the potential that Russia could conduct malicious cyber activity against the U.S. Today, I’m reiterating those warnings based on evolving intelligence that the Russian Government is exploring options for potential cyberattacks. https://t.co/wO2jJgg5SJ

— President Biden (@POTUS) March 21, 2022

According to Anne Neuberger, the deputy national security advisor for cyber and new technology, the administration has no evidence of a specific, significant potential cyberattack against the United States but rather “preparatory activities” targeting critical infrastructure.

Key Findings:

• The US government has been more cautious about Russian hackers’ activities, even as it accuses Moscow of meddling in the 2016 presidential election.
• The private warnings respond to mounting concerns from companies such as Microsoft Corp. (MSFT) and Cisco Systems Inc. (CSCO) that hackers are targeting in Russia and other countries.
• The private, non-public warnings, first reported by Bloomberg, also signal the growing concern among US officials, who have been reluctant to publicly discuss alleged Russian hacking activities.
• The private warnings also come as President Joe Biden’s administration reviews options to retaliate against Russia for its alleged hacking activities.

As the crisis in Ukraine rages, the US has previously warned that Russia may attempt to attack US corporations. According to Ms. Neuberger, the Biden administration’s warning on Monday was an attempt to raise awareness of Russia’s ability to launch a digital attack on American infrastructure.

Ms. Neuberger stated that the administration had lately noticed “preparatory behavior” for future hacking of American infrastructure and had shared that knowledge with businesses in a secret briefing last week. Scanning websites for flaws is one example of this type of action. Ms. Neuberger stated unequivocally that Russian hacking of essential infrastructures, such as oil and energy firms and hospital systems, continues to be a serious concern.

“There’s so much more we need to do to the confidence that we’ve shut our digital doors, especially for Americans’ important services,” Ms. Neuberger said, noting that the private sector manages most of America’s critical infrastructure. “Those owners and operators have the power and obligation to harden the systems and networks we all rely on.”

Last week, the White House briefed more than 100 US corporations on the best ways to guard against a cyberattack. On Monday, the Trump administration issued a directive to businesses to “quickly reinforce your cyber defenses,” recommending actions such as enabling multifactor authentication, ensuring data backups offline, and teaching personnel on hacking techniques.

In the statement, Mr. Biden added, “You have the authority, the capacity, and the obligation to increase the cybersecurity and resilience of the key services and technology Americans rely on.”

Protected Harbor’s Take On The Issue

As one of the top cybersecurity firms in the US, Protected Harbor has been following the matter for a long time. Last week Richard Luna, CEO of Protected Harbor, had a session with SCMagazine about how U.S. businesses can protect themselves from Russian cybersecurity attacks.

He gave the following tips on how to protect from Russian cyber-attacks.

• A solid and robust firewall is a must that can be backed up by effective anti-virus software running on all devices in your network.
• Install network segmentation or ‘air gapping,’ which prevents data transfer between networks without proper authorization. This process also limits potential damage if one part of your system gets hacked as it will not spread across the whole company’s systems afterward, potentially destroying them all at once.
• Continuous monitoring for the unusual activity should be done through logging tools like Palo Alto Network’s next-generation firewalls (NGFW). The logs should then be analysed daily, so any anomalies are immediately noticed.
• Enable MFA for all websites, accounts, systems, and network logins, especially emails. A typical method is that an application is loaded on the users’ mobile device generating a series of random codes during the login process. The user is requested to enter the code along with the password.
• Patch for all vulnerabilities and software, even the old ones. Do not take shortcuts because if you only patch against known attacks, you may get caught due to an unknown vulnerability. Patch your systems, networks, websites, mobile applications, and everything on the Internet.

US Businesses need to quickly identify vulnerabilities, exposure, and misconfigurations that can give opportunities to hackers for gaining a foothold in their IT infrastructure and then implement relevant patches. Russian operators are well known for exploiting edge systems.

The Cybersecurity and Infrastructure Security Agency has put an alert recently that lists 13 known vulnerabilities used by Russian state-sponsored criminals to compromise networks. Network cybersecurity and network protection are essential for a company’s safety, as criminals detect the loopholes to infiltrate the system.

The recent attacks on government sites were carried out using trivial tools. Multiple users accessed the website at the same time causing a crash. Western governments and agencies are also at risk of cyberwar, as we have discussed in this article. Businesses need to take proactive measures to strengthen their security.

Protected Harbor can help organizations protect themselves and their IT operations from known and unknown attacks, including all forms of malware, ransomware, viruses, and phishing. We help businesses back up their data and prevent ransomware attacks or other security issues resulting in data loss. Learn more about Protected Harbor and reach out for a free IT Audit to see how we can help against the Russian Cyber Invasion.