One unsettling reality most Americans need to consider is the threat of a cyberattack from Russia on any U.S. software or computer systems. Although the acts of war that Russia is currently waging on Ukraine might feel surreal and distant to anyone watching from their television in the United States, an attack through the virtual realm isn’t. It has happened here, all the way on the other side of the world, and it is almost assuredly going to happen again—likely in a much more destructive way.
Now, this isn’t to sound like a doomsdayer or someone trying to stir up paranoia. Instead, this is a reality check so that anyone who uses a computer (or smartphone or tablet…in other words, most people) can take the proper steps they need to if they want to protect their online property and sensitive information from Russian hackers.
Russian Cyberattacks: Not Just Paranoia
Before delving into what you can do to improve your online security, it’s beneficial to understand why cyberattacks from Russia are such a concern.
First, you should understand that in addition to the bombs and missiles that it is dropping on Ukraine, the Russian government is also undertaking cyberattacks. Destructive software has been circulating through many computer systems, wiping most or even all data from them, and causing problems from both government agencies and critical businesses. When cybersecurity company ESET tweeted that all of this was happening, it noted that this kind of cyberattack comes after months of planning.
“Well, Yeah, but That’s Ukraine…Not the United States”
Unfortunately, the United States isn’t invulnerable to an attack like this one. You might recall that in spring 2021, Russian hackers made a cyberattack on U.S. agencies. A Russian-based hacking group took down the Colonial Pipeline, our country’s largest fuel pipeline, leaving many along the East Coast without access to gasoline.
If the United States were to take an active stand against Russia’s invasive attack on Ukraine, the United States could potentially see escalated cyber warfare of this nature, as could other Western countries. In the past, cyberattacks from Russia have been singular attacks upon one victim at a time. However, if Russia were to create a sustained, coordinated campaign of attacks on multiple systems, this could present a serious problem.
What Kind of Cyberattacks Could There Be?
It’s hard to directly identify what agencies and institutions would likely be the victims of these Russian cyberattacks. However, it’s likely that there would be government entities and even private businesses that serve critical purposes in society, such as banks and other financial institutions. Energy companies and infrastructure services are also at risk.
Specifically, there is concern that Russia could use cyberattacks to stop or delay any public transportation. Such examples include activities to subway trains, contaminating sources of public drinking water, and even shutting down entire power grids that provide electricity to communities. Any of these cyberattacks leave large portions of populations at risk. If bodies such as first responders (police and firefighters) or hospitals are within the areas affected by these shutdowns, the result could be even more disastrous. In the end, these cyberattacks would make the United States a much more vulnerable country.
What Can We Do?
It’s scary to think about this possibility, but the best thing anyone can do is be prepared. Government bodies like the Cybersecurity and Infrastructure Security Agency (CISA) are preparing to defend the United States against such attacks and to provide citizens with the information they need to protect themselves. It even maintains a listing of Russia cyber threats and related advisories.
Additionally, if you run a private business, you can take the necessary steps to ensure your own cybersecurity is stronger. Conduct an audit of your cyber defenses on your website and the critical cyber networks you run. If you find that there are any vulnerabilities, address them immediately.
It is also helpful to prioritize artificial intelligence that can detect cyberattacks before they happen, shut them down, or protect your system from being wiped out.
Here are some other important steps you can take:
- Avoid using any outdated software, apps, or systems. Install your updates as soon as possible.
- Don’t give away any personal information online and use the strictest privacy settings possible.
- Strengthen all of your passwords with uppercase letters, lowercase letters, numbers, special characters, and so forth.
- Always check to confirm your connection to sensitive websites are secure
- Be diligent about checking your bank accounts and credit on a regular basis. Keep an eye out for suspicious activity.
- Remember to trust your instincts. If something seems sketchy, cease any interaction. If you are asked to provide sensitive information (banking numbers, passwords, or social security number), do not provide it unless it is from a trustworthy source.