IE 11 Not Supported

For optimal browsing, we recommend Chrome, Firefox or Safari browsers.

Special Districts Program Fireside Chat

Special districts – particularly critical infrastructure operators – should brace for an increase in disruptive cyberattacks connected to Russia’s war on Ukraine, warned Christopher Krebs, former director of the federal Cybersecurity and Infrastructure Security Agency (CISA), during a live Special Districts Program webcast in April.

Krebs, who was CISA director from 2018 to 2020, said Russian cyber operations could begin targeting the U.S. and its NATO allies in retaliation for tightening economic sanctions on Russia and growing military aid to Ukraine.

“There’s a belief that Russia may start causing us pain here,’” said Krebs, who is now a private cybersecurity consultant. Key takeaways from this important session include:

  • Take federal cybersecurity alerts seriously: Krebs called President Biden’s recent warning about potential attacks on critical infrastructure unprecedented in its urgency. He also pointed to a joint CISA/FBI alert in March about possible threats to satellite communications networks commonly used by water districts, power providers and other critical infrastructure operators to connect remote facilities.
They don't issue those alerts just for giggles; they're trying to send a message,” Krebs said. “So you really need to think about how you're configuring your operational technology.

  • Everyone is at risk: Krebs said attackers often target midsize and small organizations with weak cybersecurity defenses. These attacks could seek to cause panic by shutting down vital government services or extract payments through ransomware. Community water and energy districts — which have strong motivation to fork over payments to avoid service disruption — could be at particular risk.

  • Prioritize protection: District leaders must prioritize security improvements to cope with the heightened threat environment. That may mean moving up deployment timelines for cyber-protection measures such as multi-factor authentication and delaying projects that aren’t related to security. “This is anything but business as usual,” Krebs said.

Watch the recorded webcast here