Chester Wisniewski, longtime friend of this blog and principal research scientist at Sophos, has been studying Russian cyber aggression for a very long time. In a new piece, he describes the kind of threats we can expect from Russia as that country looks to attack Ukraine: distributed denial of service (DDoS) attacks, digital defacement and spam, disinformation and isolation, the paralysis of power supplies, email hacking, false flags, supply chain attacks, and malware attacks on supply chains.
Russia’s official “The Military Doctrine of the Russian Federation” from 2010 states: “the prior implementation of measures of information warfare in order to achieve political objectives without the utilization of military force and, subsequently, in the interest of shaping a favourable response from the world community to the utilization of military force.” …
Information warfare is how the Kremlin can try to control the rest of the world’s response to actions in Ukraine or any other target of attack. …
The United States and United Kingdom are trying to preempt some of the misinformation campaigns, and this could limit their effectiveness. However, we shouldn’t assume the attackers will stop trying, so we need to remain prepared and vigilant. …
From a global perspective, we should expect a range of “patriotic” freelancers in Russia, by which I mean ransomware criminals, phish writers and botnet operators, to lash out with even more fervor than normal at targets perceived to be against the Motherland. …
While defense-in-depth security should be the normal thing to strive for at the best of times, it is especially important if we can expect an increase in the frequency and severity of attacks.