U.S. officials, cyber security experts sounding the alarm on potential Russian cyberattacks
Cyber security expert Tony Chiappetta has been closely watching the war in Ukraine, concerned about the new battlefield threatening the U.S.
“It’s something that Russia’s not only talked about doing, but they’ve proven their capabilities,” Chiappetta told 5 EYEWITNESS NEWS.
Chiappetta said that for over twenty years, his White Bear Lake company ‘CHIPS’ has looked into more than 2,000 incidents involving malware and other cyber issues.
But now, with the war raging on for more than two months, that new battlefield uses weapons that include keyboards, monitors, and malicious programs.
Chiappetta says as far as Russian hackers are concerned, it’s not a question of if, but when.
Does this keep him up at night?
“You know it does. You look at the infrastructure and see how vulnerable it is,” Chiappetta declared. “They’ve come up with things that are called disc wipers, that aren’t meant to get a ransom, like what you hear typically in the news, but it’s meant to destroy. These types of malware are actively being used and there’s no geographic border per se with that technology.”
He isn’t the only one sounding that warning.
John Vandegrift, a cybersecurity expert at the University of Minnesota, said months before a single shot was fired in Ukraine, Russian hackers broke into power facilities, causing massive blackouts during the bitter cold of winter.
“Russia is using that as a part of their warfare,” he said in an interview. “Before they ever invaded Ukraine, they attacked the infrastructure. They shut down some of the power grids. I think it was several hundred thousand of the Ukrainians who were without power for a period of time.”
Just weeks ago, the Biden administration sounded the alarm.
The Cyber Security and Infrastructure Security Agency (CISA) launched a campaign called ‘Shields Up.’
In a report released April 20, CISA said Russia’s invasion of Ukraine could include malicious cyber activity against the U.S., including as a response to the economic sanctions against Russia by the United States and its allies.
“Evolving intelligence indicates that the Russian government is exploring options for potential cyberattacks,” the report says. “Every organization, large and small, must be prepared to respond to disruptive cyber incidents. As the nation’s cyber defense agency, CISA stands ready to help organizations prepare for, respond to, and mitigate the impact of cyberattacks.”
CISA says it’s focused on protecting vital infrastructure, including the power grid, the financial sector, transportation, and communications.
“If you wake up one day and can’t use your cellphone, you can’t turn on the lights, you can’t get water coming out of the sink, you know, that’s going to kind of shake things up … and infrastructure like that is everywhere,” Chiappetta explained.
CISA says the report is not just for corporate America but for anyone buying gas, going to the grocery store, or using an ATM.
“I’m sure the activity has increased since the Ukraine conflict,” says Pam Houg, the office manager for the Minnesota Council of Health Plans.
We asked if she thinks the corporate world is ready for a Russian cyberattack.
“No, everyone, no,” Houg notes. “Because it takes forethought and planning to set up a good cyber security system.”
The council is a trade association for non-profit health plans across Minnesota, covering thousands of people across the state.
“Our health plans need an extensive level of protection due to HIPPA and privacy laws,” Houg says. “I know we’ve been attacked multiple times in a day.”
After a phishing attack several years ago, she says Chiappetta, her IT security vendor, introduced her to a software application called AppGuard, which disrupts malware.
Houg says she’s confident her computer networks are safe and secure but adds her firewalls face as many as 30 attacks a day.
“For sure, Russia and other countries, especially China, are out there, trying to intrude on our system every day,” she notes. “As soon as they find a vulnerability, they’ll lock on it, and identify it, and see how they can exploit it.”
John Higginbotham, AppGuard’s inventor, says the software is pretty simple.
“It’s like a vaccine for your computer,” he explained. “It doesn’t rely on breaches or threats. It’s actually embedding into the operating system and cyber stealthing the processes in a way where external unauthorized forces can’t change those processes.”
Higginbotham says Shields Up is at least educating people about the Russian threat.
However, he says the complexity and age of the U.S. infrastructure make it difficult to defend.
“Oil pipelines, water treatment facilities, stoplights, energy grids, and these have been built over two, three, or four decades,” he says. “It’s just a challenge to lock down all the vulnerabilities in a widespread, mainstream regional, national scale network.”
CISA says there are several things you can do to strengthen your cyber security — including starting multi-factor authentication on your accounts and updating software and operating systems on cell phones, tablets, and laptops.
The agency says multi-factor authentication should also apply at the corporate level and that it should be confirmed that IT has ‘disabled all ports and protocols that are not essential for business purposes.’
CISA says more than 90% of successful cyberattacks start with a single phishing email.
But experts say make no mistake — Russian hackers are already at work.
“There’s several phases to a breach, and the first is reconnaissance,” Vandegrift says. “The gathering of information and probing.”
“They’ll be going and trying to identify their targets, learning about it,” Chiappetta adds. “Even going as far as mapping out a target’s network so that they know when they’re ready to go. They disable the backups, they circumvent those protections in place, so that they get maximum devastation, whatever their goal is.”