BUFFALO, N.Y. — With the Russian military attacks on Ukraine there is also the more subtle but also devastating cyberwarfare waged by the Russians and possible allies under state-sponsored attacks. This week the federal government warned there could similar incidents here in the US as tensions escalate between the White House and the Kremlin.
2 On Your Side spoke to a cybersecurity consultant who is also a former FBI agent and a UB School of Management Professor who is also a cybersecurity expert for their insights.
The US government has been preparing for sometime with everything from the military's Cybercommand to the newly formed CISA - Cybersecurity and Infrastructure Security Agency - formed prior to the 2020 election.
From D.C. our politicians like US Senator Charles Schumer boast: "In Washington, we have strengthened our defenses and our offenses on cyber. In other words, we have very good cyber offense."
But the US Government Accountability office says the 2020 Solar Winds attack from Russian sources actually penetrated federal agencies from Justice and Treasury to the Pentagon and even CISA.
Holly Hubert of GlobalIntelligenceIQ is a cybersecurity consultant and former FBI agent from the Buffalo Field Office. She points out, "It's one of their tools of warfare - cybercrime. And we know they're aligned with China and so that is another massive state - sponsored threat."
Just like constant email phishing attempts for cyber bad guys looking for a way into a company, so called Russian reconnaissance and internet probing may be underway.
So now "Shields Up" as US Homeland Security warned the business community this week that everything from the power grid and utilities to financial institutions and anything in between could be targets if the situation with sanctions and counterthreats escalates into cyberattacks.
It could have distinct purposes according to Professor Dominic Sellitto of the UB School of Management who is also a cybersecurity expert. He said, "When we're destabilizing government websites it's to sow distrust and doubt in the government's ability to defend its people. And also to create panic right? For example last night we saw Ukrainian financial institutions and ATMs even knocked off line and nothing causes a panic quite like people not being able to get access to their money."
In recent years here in Western New York, we saw ECMC and the Buffalo Public Schools hit by ransomware attacks - perhaps from hackers overseas. These potential denial of service attacks could be worse for companies and US citizens.
That's why there are suggestions for companies to have Disaster Preparedness planning with backup options. 2 On Your Side asked if companies could, "Consider how to go back to pencil and paper if you will without computers at times?."
Sellitto answered, "There are certainly just some things that can't go back from digital to analog"
He says company managers should take inventory of their core functions to be prepared. "In certain cases it's falling back to paper like it may have been in some healthcare organizations when their systems were take off line or perhaps it is the capability to set up alternative technology quickly."
And maybe now it is just another cost of business for companies. Hubert says: "To have good, skilled cybersecurity practitioners come in and do a thorough, rigorous assessment on cyber risk and cyber vulnerabilities."