President Joe Biden charged the Department of Homeland Security (DHS) with responding to the Russia-Ukraine crisis Thursday following Russia’s military invasion of Ukraine and the deluge of denial of service, phishing and malware attacks on Ukrainian critical infrastructure, including the Ukrainian military and major banks.
The Cybersecurity and Infrastructure Security Agency (CISA) also published a “Shields Up” memo warning federal agencies and U.S. critical infrastructure companies of the potential for cyber fallout from the crisis.
“As part of the Unified Coordination Group, CISA will do everything in our power to help our nation prepare for and respond to threats,” CISA Director Jen Easterly tweeted Thursday evening.
Some news reports suggested national security advisors presented Biden with “cyber options” to respond to Russia’s aggression against Ukraine, but White House Press Secretary Jen Psaki said this is “off base and does not reflect what is actually being discussed in any shape or form” in a tweet Thursday.
The CISA memo said there are no “specific or credible” cyber threats to the U.S. at this time, but warned of the potential for cyberattacks following sanctions imposed on Russia.
“Every organization — large and small — must be prepared to respond to disruptive cyber activity,” the memo said.
CISA recommends all U.S. organizations validate remote network access with multi-factor authentication, ensure software is up to date, and prep cyber teams to respond quickly to threats and share the information with CISA. The memo also recommends CEOs lower the reporting threshold for unusual activity in the interest of caution and participate in test response plans to stay nimble in this heightened threat environment.
CISA released a “CISA Insight” advising critical infrastructure owners prepare for potential foreign influence on Feb. 18, when cyberattacks on Ukrainian critical infrastructure began to accelerate.
“We need to be prepared for the potential of foreign influence operations to negatively impact various aspects of our critical infrastructure with the ongoing Russia-Ukraine geopolitical tensions,” Easterly said in a statement accompanying the insight. “We encourage leaders at every organization to take proactive steps to assess their risks from information manipulation and mitigate the impact of potential foreign influence operations.”
Sen. Mark Warner encouraged American businesses to “strengthen all their cyber defenses” and warned that Russia is fighting “a kinetic and a cyber war” in a tweet Friday.
“I remain particularly concerned about the reports of cyber attacks and the way the international community could be at risk,” he added. “There’s historical precedent to suggest these could be devastating for individuals, businesses and entire countries.”
The United Kingdom’s National Cyber Security Centre also warned U.K. organizations to fortify cyber defenses in response to the Russia-Ukraine crisis.