Together with other countries, the USA warns of Russian cyberattacks on Western organizations. Ransomware groups could also participate in this. Security authorities from the USA, Australia, Canada, New Zealand, and Great Britain (Five Eye countries) warn of Russian cyberattacks on organizations and critical infrastructures in western countries that support Ukraine in Russia's war of aggression. Cyberattacks by Russia could also come "in response to the unprecedented economic costs" that the imposed sanctions are causing, according to the U.S. Cyber Security and Information Security Agency (CISA).
"In light of recent intelligence indicating that the Russian government is evaluating options for potential cyberattacks on U.S. critical infrastructure, CISA, together with our interagency and international partners, is releasing this advisory to address the proven threat and capabilities of Russian state-sponsored and Russia-affiliated cybercrime groups," said CISA Director Jen Easterly.
U.S. President Joe Biden also referred to "developing evidence that the Russian government is evaluating options for potential cyber-attacks". He called on companies and organizations to step up their network defences immediately.
Ransomware groups can also pose a threat
In addition to the direct threat posed by Russian Advanced Persistent Threats (APT) such as Cozy Bear or Fancy Bear, which are said to be responsible for the Bundestag hack in 2015, "several cybercrime groups recently publicly pledged their support for the Russian government .", stressed the CISA. The groups have also threatened retaliation and launched attacks on Ukrainian websites.
The Federal Office for Information Security (BSI) has also repeatedly warned of a threat in the course of the Ukraine war. In addition, the BSI recommended authorities and companies refrain from using products from the Russian security company Kaspersky. Due to Russian threats against the E.U., NATO, and the Federal Republic of Germany, there are doubts about the manufacturer's reliability. The BSI explained that Kaspersky could be forced to carry out attacks against his will.