Can the US defend against Russian cyber-attacks?

On April 20, cyber-agencies from the United States, Australia, Canada, New Zealand, and the United Kingdom put out a joint cyber-security advisory warning entities in their respective nations that because of Russia's ongoing invasion of Ukraine, the world has a heightened risk of "malicious cyber-activity."  It is now believed that there will likely be a Russian-initiated offensive directed at Ukraine's allies, in particular those responsible for levying the sanctions that have been catastrophic to the Russian economy.

These dangers that are currently posed are not limited to attacks from state-sponsored Advanced Persistent Threat Groups (APTs), however.  According to the advisory, several Russian non-government-affiliated hacking gangs have "recently publicly pledged support for the Russian government." 

Some of these groups have also threatened to initiate cyber-attacks against government and private organizations that may have provided materiel support to Ukraine over the past couple of months.  And since the outbreak of war, there have already been countless disruptive attacks against Ukrainian websites.  Some of these attacks are believed to be carried out by sympathizers of the Russian military offensive.

These attacks have served to supplement Russian government efforts, as recent Russian hacks have included distributed denial-of-service (DDoS) attacks in addition to malware and ransomware attacks against the Ukrainian government and its domestic infrastructure.

These new dangers that agencies like America's Cybersecurity and Infrastructure Security Agency (CISA) warn of arrive just as lobbying groups for several powerful financial-sector entities that are regulated by the Securities and Exchange Commission (SEC) are butting heads with corporate board members regarding implementation of new cyber-security reporting requirements for any SEC-regulated entity.

"The SEC's actions in the past year, paired with recently released rules, draw a line under the critical role of management and boards in protecting not just investors and customers, but also the sound functioning of American business," according to Friso van der Oord, senior V.P. at the National Association of Corporate Directors.

The lobbyists for the financial sector instead favor newly proposed reporting protocols that come as part of the Cyber-Incident Reporting for Critical Infrastructure Act of 2022, which was created by CISA and passed in March of this year as part of a larger omnibus bill.  The act will require infrastructure entities, which may include financial services companies, energy, and other critical businesses, to report virtually all cyber-security incidents or ransoms paid to the government.

The changes brought forth by the act will not be immediately instituted, however.  According to the text of the Cyber-Incident Reporting for Critical Infrastructure Act of 2022, CISA has 24 months after the bill's passage in March of this year to create proposed rules on what constitutes reportable offenses, and then another 18 months after proposing that rule to define the final rule.  In plain language, the act's final thresholds for incident reporting will likely not be completely defined for over three years, as currently written.

Despite the act's current language, and because of the global instability caused by the ongoing war, CISA may modify the act to move incident reporting rules along more quickly during what is expected to be a period of increased hacking.  That period is already under way: hacks including the Russian-based Hermetic Wiper attacks, which can wipe out data on Windows computers, have already devastated hundreds of organizations in Ukraine.

The last twelve months have seen hacking episodes explode in the U.S., with the Colonial Pipeline and JBS Foods cyber-attacks grabbing major headlines.  Now CISA, as well as lateral groups globally, expects the rest of 2022 to be even more damaging.  If the U.S. and NATO eventually come to play a larger role in the current Ukraine conflict, this situation can easily develop into a Third World War punctuated by hacking at an unprecedented level.  Will Joe Biden's Executive Branch be up to that task?

Julio Rivera is a business and political strategist, the editorial director for Reactionary Times, and a political commentator and columnist.  His writing, which is focused on cyber-security and politics, has been published by numerous websites, and he is regularly seen on national and international news programming.
