The FBI recently released a bulletin reporting an increase in network scanning coming from several Russian IP addresses. Not surprisingly, everyone is on edge tracking what Russia might be preparing for in the cyber world – especially in the energy sector.
Russian Cyber Activity
So far, the Russian activity has been limited to probing and scanning computer networks for vulnerabilities and routes for further intrusion. The FBI identified 140 overlapping IP addresses of five U.S. energy companies, as well as the IPs of 18 other U.S. companies, including those in the defense industrial base, financial services and information technology sectors.
Since February 15, the Ukrainian government has had over 3,000 DDoS or distributed denial of service attacks on various Ukrainian government websites. U.S. cybersecurity experts have speculated for some time now that Russia has been using Ukraine as a type of testing ground for powerful cyber weapons that can be used successfully against the U.S. and other countries. It is believed this heightened risk of cyber attack on the U.S. is retaliation for the sanctions against Russia.
FBI and White House Call on Companies to Shore up Cyber Defenses
Typically, cyberattacks just don’t happen. FBI Director Christopher Wray said in regard to cyber attacks, “There’s activity that leads up to it. There’s scanning and researching, researching a victim, scanning for vulnerabilities and systems. There’s developing access to those systems. So, there’s a whole range of preparatory work, which is what we’ve been seeing,” he said.
The FBI reported an 82% increase in ransomware attacks between 2019 and 2021. Cybercriminals, including the Russian-based group REvil, have attacked 40,000 U.S.-based companies and has received over $150 million in ransom payments usually in the form of some type of virtual currency such as bitcoin.
On March 21, while addressing a Business Roundtable of our Nation’s largest corporations, President Biden told those in attendance, “The magnitude of Russia’s cyber capacity is fairly consequential. “And it’s coming.” As a result, he has urged U.S. companies to shore up their cyber defenses making them as strong as possible in preparation for what seems to be an imminent cyber-attack. The consensus doesn’t seem to be if an attack will happen, but rather when.
No Time for Cyber Complacency
Now is not the time for U.S. companies to be complacent in regard to their company’s cyber defenses, but instead commit resources to shore up against intrusion. It is far more expensive in lost time and money to recover from a cyber-attack than it is to prepare a defense against one.