U.S., private sector may still be a cyber target for Russia amid Ukraine fighting
March 3, 2022 – Published on The Washington Times
Americans should expect escalating cyber operations targeting the private sector despite the apparent absence of large Russian cyberattacks so far in the Kremlin’s invasion of neighboring Ukraine, according to retired Adm. Michael S. Rogers.
Adm. Rogers, who formerly led the National Security Agency and U.S. Cyber Command, expects Russian-generated cyberattacks to spread in the weeks and months ahead. He said the public will know when such attacks occur.
Instead of nations openly battling in cyberspace, hacking groups have become prominent foot soldiers in the virtual war and have organized on social media and messaging platforms to disrupt targets associated with the Russian government. The activist hacking group Anonymous has already taken credit for knocking down Russian government websites since the fighting broke out just over a week ago.
Hackers sympathetic to Russia have also suffered. After the ransomware gang Conti announced its support of the Russian government, its internal communications were leaked online amid speculation that a Ukrainian insider or security researcher was responsible. Conti was one of the gangs that hammered U.S. infrastructure last year, and the FBI has said it observed Conti going after American health care networks.
New information obtained from the leaks reveal more about the ransomware gang’s alleged associations with the Russian government and could provide U.S. law enforcement with new leads for taking down cybercriminals.
The leak data also include information about the gang’s financing and previously undisclosed victims. Drew Schmitt, GuidePoint Security principal threat intelligence analyst, said estimates that Conti raked in more than $2 billion from its ransomware extortion efforts are reasonable.
Mr. Schmitt said messages referencing the gang’s money flow and cryptocurrency wallets will make it possible to trace the group’s financing. He also said reading through the chat logs will help the cybersecurity industry learn the gang’s behavior and understand better how to defend against ransomware in the future.
Read More HERE.