Russian invasion of Ukraine highlights need for cybersecurity at local level
The Russian invasion of Ukraine hasn’t only taken place on the ground—it’s also been conducted online. Ahead of the unprovoked attack, the Cybersecurity and Infrastructure Security Agency witnessed destructive malware attacks against Ukrainian infrastructure “to destroy computer systems and render them inoperable,” according to a security advisory issued by the federal organization this week.
According to the advisory, WhisperGate, a type of malware that “corrupts a system’s master boot record, displays a fake ransomware note, and encrypts files based on certain file extensions,” was deployed by Russian agents Jan. 15 and HermeticWiper, which impacts systems in a similar way, was observed Feb. 23.
“Further disruptive cyberattacks against organizations in Ukraine are likely to occur and may unintentionally spill over to organizations in other countries,” the federal cybersecurity advisory says. “Organizations should increase vigilance and evaluate their capabilities encompassing planning, preparation, detection and response for such an event.”
As American administrators watch events unfold in Europe, local leaders are undoubtedly investigating the security of their own IT networks and bolstering protocols. If precedence is a barometer—given the rapid rise in cyberattacks on public infrastructure, even before the Russian invasion—focusing on cybersecurity is a good step.
“If you’ve got an IT administration, you’re in one of the fairly well funded jurisdictions,” said Jim Richberg, public sector field chief for Fortinet, a California-based cybersecurity corporation, and former chief of the National Intelligence Manager for Cyber, the senior federal organization focused on cyber intelligence for the 17 organizations and 100,000 employees of the US Intelligence Community. Richberg oversaw implementation of the Comprehensive National Cybersecurity Initiative under presidents George W. Bush and Barack Obama.
Many smaller public organizations “are doing IT on a BYOD basis—using their personal device—or they’re using IT from elsewhere,” Richberg said. “It really is a problem. And the reality is there are local governments that are very resource constrained.”
To read the complete article, visit American City & County.