The US administration has claimed a large-scale cyber-attacks on American infrastructure from Russian hackers.
The Biden administration said that the Russian cyberattack on US infrastructure appear a reaction to the US sanctions imposed on it over the Ukraine invasion.
In his recent speech, US President Joe Biden accused Russia of preparing to use “harsher tactics” to attack the functioning of US strategic infrastructure.
Meanwhile, in recent days, the White House officials have motivated American companies and institutions, particularly the vulnerable sectors, to be ready to foil attempts of stealing sensitive data and an invasion of ransomware, attributed to pro-Russian hackers.
According to Chainalysis, since 2021 about 74% of all the amount paid as digital ransom has gone into the pockets of hackers connected to Russian groups, TRT World reported today.
The Biden administration claims that a full-scale Russian cyberattack on US infrastructure is underway as the Kremlin’s response to the sweeping sanctions imposed on it over the Ukraine attack.
In his last speech, President Biden accused Russia of preparing to use “harsher tactics” to attack and jeopardise the functioning of US strategic infrastructure and thus create “unpleasant economic consequences” for Washington.
The advice that White House officials have been giving in recent days to companies and institutions in particularly vulnerable sectors suggests that Washington is preparing for both attempts of stealing sensitive data and an invasion of ransomware, often attributed to pro-Russian hacker groups.
According to Chainalysis, since 2021 about 74 percent of all the entire amount paid as “digital” ransom has gone into the pockets of hackers having links to the Russian Federation jurisdiction.
Experts said that the US banking networks and defence companies could be targeted by the hackers.
In February, US and UK intelligence communities reported the emergence of new malicious software called Cyclops Blink. The virus, which was first used against WatchGuard Firebox network security devices, is thought to have been developed by Sandworm, a group of hackers close to the Russian leadership. Consulting firm Mandiant has identified Cyclops Blink as a software that may trump all others.
Digital bombing
US authorities have a fairly extensive list of claims against Russia when it comes to projecting cyber threats. One of the biggest episodes in recent years was the spread of the NotPetya virus in 2017 which hit Ukraine first and then a wider range of other countries. Initially, it was thought that the malware had been designed for extortion, but later it turned out that its functionality was much broader and more dangerous: it cleared the hard drive of the computer, leaving no chance for data recovery.
At the beginning of military operations in Ukraine, when three strains of the Wiper malware simultaneously attacked local infrastructure, it became clear who had launched the attacks.
The first strain, called HermeticWiper, was diagnosed on February 23, that is, one day before the start of the full-scale attacks initiated by Russia. Here the masterminds of the sabotage were ahead of the game.
The desire to anticipate the actions of an opponent in the cybersphere may date back to the days of former US President Barack Obama. After the Kremlin allegedly authorised the scandalous infiltration of the US Democratic Party’s National Committee mail server for theft of confidential emails, the White House responded in the strongest possible terms, allegedly giving the green light to place some kind of cyberweapons inside Russian infrastructure in 2016, “the digital equivalent of bombs” that could detonate at any moment, the Washington Post wrote.
The decision, which, according to the disclosures, was made after a long brainstorming session at the inter-agency level, left the impression that the US executive branch and intelligence agencies would potentially act against Russia in cyberspace based on the notorious pre-emptive defence principle. It should be noted that despite the friction between Moscow and Washington over the years, the semi-mythical “digital bombs” have never been used.
Hot stage of the conflict
funds that were transferred as “digital” ransom payments have gone into the pockets of hackers allegedly linked to the Russian Federation jurisdiction.
The escalation scenario in the cybersphere was calculated by experts close to the US government at the earliest stage of the current hostilities in Ukraine. The US banking structures and defence companies could be targeted, according to local officials. Infrastructure is another sore point.
In February, US and UK intelligence communities reported the emergence of new malicious software called Cyclops Blink. The virus, which was first used against WatchGuard Firebox network security devices, is thought to have been developed by Sandworm, a group of hackers said to be especially close to the Russian leadership. Consulting firm Mandiant has identified Cyclops Blink as a software that may trump all others.
Digital bombing
US authorities have a fairly extensive list of claims against Russia when it comes to projecting cyber threats. One of the biggest episodes in recent years was the spread of the NotPetya virus in 2017 which hit Ukraine first and then a wider range of other countries. Initially, it was thought that the malware had been designed for extortion, but later it turned out that its functionality was much broader and more dangerous: it cleared the hard drive of the computer, leaving no chance for data recovery.
At the beginning of military operations in Ukraine, when three strains of the Wiper malware simultaneously attacked local infrastructure, it became clear who had launched the attacks. The virus deleted user information and data from drives connected to the infection source.
The first strain, called HermeticWiper, was diagnosed on February 23, that is, one day before the start of the full-scale attacks initiated by Russia. Here the masterminds of the sabotage were ahead of the game.
The desire to anticipate the actions of an opponent in the cybersphere may date back to the days of former US President Barack Obama. After the Kremlin allegedly authorised the scandalous infiltration of the US Democratic Party’s National Committee mail server for theft of confidential emails, the White House responded in the strongest possible terms, allegedly giving the green light to place some kind of cyberweapons inside Russian infrastructure in 2016, “the digital equivalent of bombs” that could detonate at any moment, the Washington Post wrote.
The decision, which, according to the disclosures, was made after a long brainstorming session at the inter-agency level, left the impression that the US executive branch and intelligence agencies would potentially act against Russia in cyberspace based on the notorious pre-emptive defence principle. It should be noted that despite the friction between Moscow and Washington over the years, the semi-mythical “digital bombs” have never been used.
