This comes after Biden told American business leaders to strengthen their cyber defenses during a business roundtable Monday. Biden said Russia is likely to use cyber attacks in retaliation against the U.S. for imposing unprecedented sanctions on Russia after it invaded Ukraine.
Green said that, in reality, Russia is always capable of engaging in cyber attacks. The fact that the U.S. imposed sanctions on Russia doesn't necessarily mean Russian cyber attacks are coming. The real question: Is Russia willing to escalate the ongoing war by cyber-attacking the U.S.?
If it is, one course of action Russia could engage in, Green said, is ramping up cyber attacks against private firms like banks and retail companies. Another course of action for Russia would be launching cyber attacks on critical infrastructure in the U.S.
"(Critical infrastructure) attacks would be attacks on power, water, gas, oil, and systems like these, including supply chains of manufacturers for things like food, to cause a panic," Green said.
The largest fuel pipeline in the U.S., Colonial Pipeline, was hacked by a Russia-linked cyber crime group known as DarkSide in April of 2021. According to Bloomberg News, Colonial paid the hackers a $4.4 million ransom shortly after the hack. The hackers also stole nearly 100 gigabytes of data from Colonial and threatened to leak it if the ransom wasn't paid.
There are other groups like DarkSide that don't work for the Russian government directly, but they're given safe harbor to operate as criminal enterprises in Russia as long as they don't attack Russians, Green said.
These kinds of cyber attacks are what the U.S. can expect from Russia going forward, but the threat of Russia attacking the U.S. is nothing but speculation right now, Green said.
"I want to make sure that I'm very clear on this," he said. "There's no indication that the Russians have actually chosen to do anything. This is all just a giant, speculative what-if ... it's one of those things where we'll know what they decide to do when they decide to do it."
There is a third option, Green said, and it is that Russia decides to do nothing in the way of cyber warfare against the U.S. Green said this option is valid because "(Russia) doesn't want to escalate" the war.
Russia has, however, demonstrated its cyber capacity in Ukraine during the invasion. It engaged in cyber attacks using malware that can wipe clean data from any targeted organization. A Feb. 23 attack crippled websites of Ukrainian government agencies and financial institutions, according to McClatchy.
As many fear a potential cyber war, experts said it would look nothing like you'd imagine seeing in the movies.
Patrick Juola, professor of computer science and cybersecurity studies coordinator at Duquesne University, told McClatchy News that "we are not going to see any sort of weird sci-fi dystopia stuff."
"I don't know of anyone with the capacity to take over self-driving cars and send them into buildings," Juola said. "Even military drones are on special secure networks to keep them safe."
John Hultquist, vice president of intelligence analysis at Mandiant, a cybersecurity firm, said that a cyber war is "very possible," but added that "most of the cyber attacks we've seen have been nonviolent, and largely reversible," CNBC reported.
Scott Jasper, senior lecturer in national security affairs at the Naval Postgraduate School, warned that the Russian government does have the capacity to "damage critical U.S. infrastructure systems."
In 2020, Russian Foreign Intelligence Service hackers gained access inside "at least nine U.S. federal agencies and around 100 private companies, many in information technology and cybersecurity," he said. The hackers went unnoticed for months.
Hackers can overload bank and government websites, corrupt data and shut down power from energy and electric utilities, among other things, Jasper said.
While cyber attacks could affect people in Cobb, there is no need for Cobb citizens to panic right now. Everyone should just be watchful and mindful, Green said.
"The average citizen isn't going to be the target that the (cyber attacks) are going to go after," Green said. "These (attacks) are going to go after businesses that Cobb County citizens do business with. They're going to go after the Home Depots of the world ... the Deltas of the world."
As far as cyber attacks on businesses, all consumers can do is hope that places where they share valuable information are prepared.
"On a direct level, there's nothing that you can do as a consumer," Green said. "You're relying on and hoping for the best from the firms that you choose to do business with like your bank and your credit card company, right? You're hoping that they have created a security program robust enough to deal with these challenges."
There are things individuals can do to weather cyber attacks that affect them directly, however.
According to Green, keeping some cash on hand and writing down critical telephone numbers and passwords would pay off greatly. It is important to be able to access "anything that you think is critical to your daily ability to exist" without the use of the internet in the event of a cyber attack.
TIPS FOR COMPANIES TO STAY SAFE
The White House is now urging U.S. companies to follow these steps:
- Mandate the use of multi-factor authentication systems.
- Use security tools on devices to continuously monitor threats.
- Change passwords across networks.
- Backup and encrypt data.
- Run exercises and emergency plans.
- Educate employees on cyber attacks.
- Engage with local federal agencies in advance of any cyber incidents.
TIPS FOR PEOPLE TO STAY SAFE
Here are some steps Americans can take to protect themselves online, according to the Cybersecurity and Infrastructure Security Agency:
- Implement multi-identification factor on all accounts, such as a confirmation text message, code from authentication app or face ID.
- Update the software on your phones, tablets and laptops, as well as your applications.
- Use strong passwords.
- Don't click on links you don't recognize — "more than 90 percent of successful cyber attacks start with a phishing email," according to CISA.
©2022 Marietta Daily Journal, Ga. Distributed by Tribune Content Agency, LLC.
