US And Allies Issue Advisory Warning of Russian Cyber Attacks
Earlier this month, the cybersecurity bureaucratic arms of the United States, Australia, Canada, New Zealand, and the United Kingdom, put out a joint Cybersecurity Advisory that warned organizations in their respective countries that the world is be at a heightened risk of “malicious cyber activity” from Russia, as a result of the ongoing war in Ukraine. It is a shared belief of the US and its allies that countries that have supported Ukraine may soon bear the brunt of a coordinated cyber offensive from not only state-sponsored Advanced Persistent Threat Groups (APTs), but also a number of Russia-based and non-government affiliated hacking gangs that have “recently publicly pledged support for the Russian government.”
These hacking gangs are threatening to mobilize operations in retaliation for cyber offensives that have targeted the Russian government and its citizens.
Moreover, some of the groups have threatened to begin offensive cyber-attacks against nations and private organizations that have provided military support to Ukraine. These attacks would be supplemental to Russian government’s efforts, which have included distributed denial-of-service (DDoS) attacks, malware, and ransomware attacks, like the Russian-based Hermetic Wiper attacks that affected hundreds of organizations in the Ukraine by wiping out data on Windows computers.
These threats of increased Russian-based hacking come just as lobbying groups for several financial sector entities governed by the Securities and Exchange Commission (SEC) are butting heads with corporate boards regarding the implementation of reporting requirements for any SEC regulated entity that is the victim of a hacking or cybersecurity event.
“The SEC’s actions in the past year, paired with recently released rules, draw a line under the critical role of management and boards in protecting not just investors and customers, but also the sound functioning of American business,” according to Friso van der Oord, Senior VP at the National Association of Corporate Directors. “Preparing effective disclosure of material cyber risks and incidents has long been a key principle of cyber risk oversight advocated by NACD.”
Lobbying groups for the financial sector are in favor of newly proposed reporting rules created by the Cybersecurity and Infrastructure Security Agency (CISA).
Moreover, that are part of the new Cyber Incident Reporting for Critical Infrastructure Act of 2022. The act, which passed in the omnibus spending bill on March 15, 2022, requires critical infrastructure companies, which may include financial services companies, and other businesses for “which a disruption would impact economic security or public health and safety,” to report cybersecurity incidents or ransoms paid to the federal government.
These changes are not expected to be immediate however, as according to the text of the act, CISA has a whopping 24 months after the bill’s passage to create proposed rules on what constitutes a reportable offense.
To contrast, India's cybersecurity bureaucratic arm, CERT-In, just published new guidelines that require entities, both public and private, to report cybersecurity incidents, including data breaches, within only six hours!
"Any service provider, intermediary, data center, body corporate and Government organization shall mandatorily report cyber incidents to CERT-In within six hours of noticing such incidents or being brought to notice about such incidents," the Indian government said in a release.
Despite the current text of the Cyber Incident Reporting for Critical Infrastructure Act of 2022, because of the increased threat because of the ongoing war, CISA can always modify the law in an effort to move it along more quickly, but there is no indication of that currently. That said, is the slow implementation of new cyber rules evidence that America is falling behind in the ongoing global cyber war? Some would certainly say yes but coming off a 2021 that saw the infamous Colonial Pipeline and JBS Foods cyberattacks, and with CISA is expecting 2022 to be an even more eventful year in the cybersphere, perhaps the US should take a page out of the Indian playbook and ask for a faster response time in the interest of intel sharing, for at least the time being.
Julio is a business and political strategist, the Editorial Director for Reactionary Times, and a political commentator and columnist. Julio’s writing focuses on cybersecurity and politics. Websites including Newsmax, Townhall, American Thinker and BizPacReview have published Julio’s work.
US And Allies Issue Advisory Warning of Russian Cyber Attacks