Russia-Ukraine crisis could include cyber attacks
The White House believes Russia is responsible for recent cyberattacks targeting Ukraine's major banks and Ministry of Defense. This as many Americans are concerned about cybersecurity – theirs, and the nation’s.
“The attacks we’ve seen to date have been a little more slow-burning, where they try to get into software supply chains and basically get into American systems for espionage purposes,” said Jacob Shively, an associate professor of Government at the University of West Florida.
He adds that it’s hard to say just what kind of cyberattacks to expect from the Russians, partly because they’re expected to take into consideration any political fallout, and may even try to avoid anything dramatic.
“They may instead go for attacks that may be a little more signaling — showing American officials that they have access to their systems, particularly U.S. government,” Shively said. “Maybe some U.S.-critical infrastructure; things like electrical facilities, hospitals that type of thing.”
Shively is quick to add that so far, the Russian government has not directly attacked such targets so far. But those would be targets if there’s a direct confrontation between the U.S. and Russia.
But just in case, American entities must be ready and that begins, says Shively, with what he calls “basic digital hygiene.”
“If you’re a local entity, private business, or even state agency, looking to the federal government – Homeland Security and so forth, for guidance on what they are seeing as immediate or pressing threats,” he said.
There doesn’t appear to be a heightened concern in the Florida Panhandle over possible cyber-shenanigans from the Russians at this point, says Shively, any more than any other type of flare-up, with nobody knowing just where any kind of attack will come from.
“You’re probably as concerned about private actors, criminal organizations and so on, as much as you are maybe a large government,” said Shively. “In some ways, you’re more likely to be targeted by those types of actors, because there’s less symbolic value that a government might be interested in.”
But that said, not only businesses and governments need to watch out. Anyone who surfs the Internet can be targeted by the bad guys, as Shively learned first-hand.
“My son was telling me about something amusing, targeting Vladimir Putin on Instagram; so I thought, ‘OK, I’ll get on and check it out,’” Shively said. “And I found out very quickly that I had to change my passwords, because the system was telling me somebody was trying to get into my account.”
To avoid what Shively calls “casting a broad net” in search of vulnerable computers,” he repeats the “basic digital hygiene” recommended for the big boys.
“Be sure that you are not clicking through to something you’re not entirely sure about,” he said. “Also, in a wireless world, be careful about which networks you get on, and who else may be on that network — particularly if you’re out in public. It’s very easy to put on your laptop and not realize there are others who can access your system.”
Bottom line, says Shively — do your best to stay a step or two ahead of the bad guys.
“Think about your passwords, keep them updated annually at least; following the news is valuable and important, but ultimately, when it comes to these types of big geopolitical threats, your individual vulnerability isn’t necessarily much higher than it is at any other time during the year.”
Meanwhile, U.S. cyber officials over the past few months have increased their outreach within the private sector urging the nation's critical infrastructure owners and operators to bolster cyber defenses.