President Joe Biden warned recently that “evolving intelligence” indicated Russia was weighing its options for hacks against potential targets including banks, the power grid, water treatment plants and hospitals, as CBS News reports. “The magnitude of Russia’s cyber capacity is fairly consequential,” Biden said, speaking before the Business Roundtable, a group of large corporations. “And it’s coming.”
Some cybersecurity pros see positive signs. Companies have been fending off Russian hackers for several years already, so they’re better placed to endure more such assaults, according to Sandra Joyce, head of global intelligence at cybersecurity firm Mandiant.
“Many of the technical hardening steps organizations can take in preparation for destructive Russian cyber attacks are best practices for preparing against ransomware,” noted Joyce, writing in Barron’s. That might include boosting defenses for privileged user accounts or imposing tougher firewall policies. Joyce maintained that the private sector’s lessons from ransomware have also been strategic, involving crisis management, intelligence sharing and more.
U.S. cybersecurity policy has changed dramatically since last year’s Colonial Pipeline hack, which prompted the pipeline operator to pay a $5 million ransom and curb fuel supplies without talking to the government until afterward, as MIT Technology Review reports. “We’re at an inflection point,” Chris Inglis, the White House’s national cyber director, said in an interview. The new cyber approach reportedly strengthens federal oversight, requires companies to take minimum cybersecurity steps and step-up enforcement. The old “market-first” strategy is no more. Think of a cybersecurity equivalent to the Clean Air Act or the creation of the Food and Drug Administration.
Russia’s invasion of Ukraine has changed the cybersecurity threat universe forever, according to a report from market researcher Forrester. The firm has called on chief information security officers across corporate America to help put together a communications plan for the board and C-suite, which should be constantly updated, as Cybersecurity Dive explains. Forrester even urged CISOs to come up with a set of frequently asked questions to help senior management address public concerns about cybersecurity risks.