Yesterday, the White House announced the imposition of new economic sanctions against Russia in response to their cyberattacks against the U.S.; official statements specifically mentioned interference with the 2016 Presidential Elections and with the NotPetya global ransomware wave from 2017 as chief motivations behind the sanctions. The sanctions target 5 Russian enterprises and 15 individuals, 5 of whom had been sanctioned previously under President Obama.
Treasury Secretary Steven T Mnuchin said in a statement: “The Administration is confronting and countering malign Russian cyber activity, including their attempted interference in US elections, destructive cyberattacks, and intrusions targeting critical infrastructure.” He also stated the Treasury intends to impose additional sanctions on Russian officials to hold them accountable.
Also motivating the sanctions was an alert from the United States Computer Emergency Readiness Team warning of a Russian cyberattack against major domestic infrastructure and manufacturing enterprises, including electric grids and nuclear power plants. Dragonfly, the Russian-affiliated hacking group allegedly behind these new attacks, also targeted government entities, aviation, and commercial enterprises.
Experts state that electric grids are quite vulnerable to hacks given the thousands of sensors feeding them data, and the sheer volume of that data feeding their servers in turn. However, the essential functions of nuclear power plants are run on analog computers and are not connected to the Internet—it is impossible to hack them by deliberate design. Hackers may be able to access personnel and business files, but little else.
Cybersecurity experts find the White House sanctions little more than symbolic. Few of them see this step as anything more than a calculated political ploy, timed to coordinate with similar sanctions by other nation-states including the UK whiling avoiding scrutiny from the ongoing elections controversy. Security experts strongly believe that Russia will initiatie more cyberattacks in retaliation. They have not yet offered a national solution to nation-state cyberattacks, leaving security in the hands of individual enterprises.
- The Best SOAR Tools and Vendors to Consider in 2023 - November 26, 2022
- The 10 Best Open Source SIEM Tools for Businesses - October 13, 2022
- The Best Managed Detection and Response Vendors to Consider in 2023 - October 2, 2022