Conflict in Ukraine, sanctions imposed on Russia increase cyber threat to U.S.

Prepare now or pay the price, a leading cyber security expert recommends. Though cyber hasn’t become a dimension during Russia’s invasion of Ukraine, it might – and critical infrastructure, including power grids, telecommunications, water and financial services, could be Russian targets in the U.S.

“This is an imminent national and economic security issue,” said Frank Cilluffo, director of the McCrary Institute for Cyber and Critical Infrastructure Security at Auburn University. “One cannot assess the cyber threat in isolation of the broader geopolitical landscape. The fact that we’ve ratcheted up sanctions, financially and through Russian oil imports, and if we’re genuinely able to cut the Russian government and their oligarchs from the Society for Worldwide Interbank Financial Telecommunications (SWIFT), that will have significant economic implications to Russia, but also increases the cyber threat to the U.S. homeland.

“If I can prognosticate on where this might be going, Europe is on the front lines for some of the initial cyber activity right now. In terms of Russian capabilities, we can’t pat ourselves on the back and take a victory lap because we haven’t seen any significant cyberattacks against the West. These capabilities can be brought to bear in the future. Not to belittle the situation and refer to it as a game, but we’re in the early innings.”

Russia is no stranger to cyberattacks, said Cilluffo, who recently served as a member of the Cyberspace Solarium Commission and the Department of Homeland Security’s Advisory Council.

“The first-known, international, intensive cyberattack against another nation was a large-scale distributed denial of service (DDoS) attack perpetrated by Russia against Estonia back in 2007, aimed at online government services, banks and news organizations,” he said. “Then look at Russia’s invasion of Georgia in 2008, where it disrupted communications as a prelude to kinetic and physical attacks. They did the same in Crimea in 2014.”

Ukraine was dealt a cyber blow on Dec. 23, 2015 – as Russian cyber operatives knocked out the nation’s power grid for up to six hours. Was this a test?

“Ukraine, in 2015, was a practice field for Russian activity,” said Cilluffo, whose opinion piece, “The Window for U.S. Cyber Readiness Is Still Open — But It's Closing Fast,” was published Tuesday by Fox News. “I believe some of this was to test their cyber capabilities and refine their tactics, techniques and procedures that can be brought to the United States.”

Who are Russia’s cyber warriors?

“It’s difficult to know who’s the puppet and who’s the master,” Cilluffo said. “Russia has many bad actors engaged in this space. Russia has turned to criminal organizations as proxies in the past to do Mother Russia’s bidding. These criminals are incredibly sophisticated and behind many ransomware attacks.”

Therefore, preparation is vital — and ground zero — Cilluffo said, is protecting the nation’s power grid.

“Without power, nothing else is up and running,” Cilluffo said. “Keep in mind, most of our critical infrastructure is owned and operated by the private sector and clearly the time to marry our capabilities from government and industry should be priority one, two and three as we prepare for a cyber blowback.”

What’s our best defense mechanism? Technology — much of which is already in place — people, and collaboration between the public and private sectors.

“We have defense mechanisms built in to fend off attacks, so there’s much capability there,” said Cilluffo, who added China, North Korea and Iran to the list of potential cyber ‘bad actors.’ “Regardless of our capabilities, we still have significant vulnerabilities we need to backfill. No matter how good our technology is, and it’s getting better, we’ll never be 100 percent secure.”

Cilluffo also considers the national cyber security workforce shortage as a “national security issue.”

“Great universities, such as Auburn, are playing vital roles in ameliorating that risk, but we’ve got a long way to go. We recognize the call to action. We have an opportunity and responsibility, K through 12, to arm and educate young students with cyber training and become the next generation of cyber warriors and defenders.

“Cyber warfare is going to be with us for a very long time. Moving forward, every form of conflict will have a cyber dimension. I want to be sure we have the most capable cyber warriors and that our cyber defenders can minimalize the impact or consequences of bad cyber actors which, unfortunately, are growing in number by the day,” he said.