TRENDING:

Business Continuity Management / Disaster Recovery , Critical Infrastructure Security , Cybercrime

US Sends Top Cyber Official to Europe Amid Ukraine Crisis

Deputy National Security Adviser Anne Neuberger to Speak With EU Counterparts Dan Gunderman (dangun127) • February 1, 2022    
US Sends Top Cyber Official to Europe Amid Ukraine Crisis
File image of U.S. Deputy National Security Adviser for Cyber and Emerging Technology Anne Neuberger

With tensions mounting on Ukraine's eastern border, where Russia has massed some 100,000 troops, U.S. cybersecurity officials have grown increasingly concerned over the threat of direct cyberwarfare carried out against Ukrainian networks, and perhaps retaliatory attacks on Western nations intervening. As such, the U.S. dispatched its top cyber official to Europe on Tuesday to discuss the Russian cyberthreat.

See Also: The State of Organizations' Security Posture as of Q1 2018

Deputy National Security Adviser for Cyber and Emerging Technology Anne Neuberger will meet with European Union cybersecurity officials, along with representatives from NATO in Brussels, a senior Biden administration official told CNN.

Neuberger is also poised to meet Polish and Baltic officials and members of the Bucharest Nine, including NATO members Poland, Lithuania, Romania, Slovakia, Latvia, Bulgaria, the Czech Republic, Hungary and Estonia.

"Across all of these engagements, our focus is on ensuring that the U.S. and our allies and partners are prepared for any cyber-related contingency and prepared to respond in the current environment," the administration official said, according to The Hill. "We will also discuss how we will coordinate and support Ukraine, and each other, in the event that cyberattacks occur."

Neuberger will also meet with representatives from Germany and France, the official said.

Growing Concerns

Neuberger's trip comes amid poor diplomatic relations between the Kremlin and the West, which has promised to support Ukraine against cyber and kinetic threats.

Russian President Vladimir Putin has worked to prevent Ukraine's entry into NATO and has requested a NATO troop removal from Eastern Europe - terms that have drawn international condemnation. With the threat of possible invasion looming, foreign policy experts have increasingly pointed to cyberwarfare as a main weapon at the Russians' disposal.

On Monday, Symantec's Threat Hunter Team also outlined a specific Russian cyberespionage campaign conducted on a Ukrainian network in 2021. Symantec, a part of Broadcom Software, calls the group in question Shuckworm. Researchers say the group has leveraged phishing emails to inject remote access tools for reconnaissance and possible data exfiltration, and they point to other "living off the land" tools upon which the group has relied (see: Report Details Russian Cyberespionage Efforts in Ukraine).

The firm said the alleged spies, who are linked to Russia's Federal Security Service, or FSB - the main successor to the Soviet Union's KGB - use malicious Microsoft Word attachments to plant backdoors that allow for persistence and the delivery of more malware.

A recent report published by the Security Service of Ukraine, or SSU, pointed to similar findings. According to that report, the Shuckworm group has been responsible for over 5,000 attacks against more than 1,500 Ukrainian government systems since 2014.

Rhetoric Worsens

At the same time, rhetoric between the Kremlin and the West has become more pointed. U.S. President Joe Biden has warned Putin to de-escalate and seek diplomatic solutions and has said the U.S. is prepared to issue severe sanctions if Putin's troops use force. On Monday, Press Secretary Jen Psaki confirmed that the U.S. and the U.K. are prepared to punish Russian elites close to Putin with asset freezes and travel bans if Russia crosses into Ukraine, according to Reuters.

Still, experts fear possible kinetic action will first be enabled, or exacerbated, by direct military cyberattacks on Ukrainian infrastructure.

"In many cases, the balance of cyberwarfare capabilities is seriously tipped to one side or the other. Knowing the cyberwarfare capabilities of Russia, the U.S. recognizes the need to assist Russia's potential targets in defending themselves from this threat," says Erich Kron, a former security manager for the U.S. Army’s 2nd Regional Cyber Center.

And any response, he adds, will demand international collaboration.

"Much like we have seen consortiums formed to deal with economic threats such as ransomware originating from this region, combined efforts to counter [these] threats will become as common as our joint kinetic efforts have been in the past," says Kron, who is currently a security awareness advocate for the firm KnowBe4.

Other experts say network defenders - particularly suppliers to larger companies or government agencies - must understand the capabilities of this adversary.

"These [Russian] cybercriminals terrorize specific individuals and know exactly what information they need to compromise their victims," says Sami Knuutinen, a technical expert with the security firm LogPoint. "The instigators behind these attacks … typically have the resources, manpower and experience to do real damage."

Officials warn that any wide-scale cyberattack carried out by the Russians would likely be accompanied by a complex disinformation campaign meant to confuse Ukrainian citizens and undermine the government, led by Volodymyr Zelenskyy.

U.S. Ambassador to the United Nations Linda Thomas-Greenfield (Photo: U.S. Embassy Namibia via Flickr)

New Developments

Ukrainian news agency Ukrinform reported on Tuesday that a delegation led by EU Commissioner for Neighborhood and Enlargement Olivér Várhelyi visited Ukraine's state service for Special Communications and Information Protection to confirm the political and economic union's support for Ukraine and to build out its cybersecurity capacity.

"You have to move in this direction very fast if you want to have concrete results," the EU commissioner said, according to the Ukrainian outlet.

The same report indicates that Ukraine has pursued the following cybersecurity initiatives: creating a National Center for Reservation of State Information Resources and a secure internet access system, among others.

The announcements follow a string of cyberattacks on Ukrainian targets earlier in January, which affected the websites of its ministries of Education and Science, Foreign Affairs, Energy, Environmental Protection, Emergency Services, Treasury and others.

Late last week, NATO Secretary General Jens Stoltenberg said at an event that "NATO is the foundation for peace and stability" and that the military alliance will continue to communicate with Russia to find a political solution.

And on Monday, tensions spilled over to a United Nations Security Council meeting, where top diplomats from the U.S. and Russia had a verbal spat over Russia's antics and the West's response.

"Russia's actions strike at the very heart of the U.N. Charter," said U.S. Ambassador to the U.N. Linda Thomas-Greenfield. "This is as clear and consequential a threat to peace and security as anyone can imagine."

"We continue to hope Russia chooses the path of diplomacy over the path of conflict in Ukraine. But we cannot just wait and see," she said, calling Russia's mobilization of troops the largest in Europe in decades.

In response, Russian Ambassador Vasily Nebenzya accused Washington of "whipping up tensions and rhetoric and provoking escalation."

Previous
ITRC Data Breach Report Shows Surge in Data Compromises
Next
Congressman Moves to Amend Controversial Crypto Measure

About the Author

Dan Gunderman

Dan Gunderman

Former News Desk Staff Writer

As staff writer on the news desk at Information Security Media Group, Gunderman covered governmental/geopolitical cybersecurity updates from across the globe. Previously, he was the editor of Cyber Security Hub, or CSHub.com, covering enterprise security news and strategy for CISOs, CIOs and top decision-makers. He also formerly was a reporter for the New York Daily News, where he covered breaking news, politics, technology and more. Gunderman has also written and edited for such news publications as NorthJersey.com, Patch.com and CheatSheet.com.



Around the Network

Identity Security and How to Reduce Risk During M&A
Identity Security and How to Reduce Risk During M&A
How the NIST CSF 2.0 Can Help Healthcare Sector Firms
How the NIST CSF 2.0 Can Help Healthcare Sector Firms
Medical Device Cyberthreat Modeling: Top Considerations
Medical Device Cyberthreat Modeling: Top Considerations
Properly Vetting AI Before It's Deployed in Healthcare
Properly Vetting AI Before It's Deployed in Healthcare
How 'Security by Default' Boosts Health Sector Cybersecurity
How 'Security by Default' Boosts Health Sector Cybersecurity
Safeguarding Critical OT and IoT Gear Used in Healthcare
Safeguarding Critical OT and IoT Gear Used in Healthcare
Evolving Threats Facing Robotic and Other Medical Gear
Evolving Threats Facing Robotic and Other Medical Gear
Transforming a Cyber Program in the Aftermath of an Attack
Transforming a Cyber Program in the Aftermath of an Attack
Protecting Medical Devices Against Future Cyberthreats
Protecting Medical Devices Against Future Cyberthreats
Is It Generative AI's Fault, or Do We Blame Human Beings?
Is It Generative AI's Fault, or Do We Blame Human Beings?

Continue »

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.