Recent Advisory Against Russian Hacking Attacks Comes as Financial Sector Fights New SEC Reporting Regulations
Last week, cybersecurity agencies from the United States and some of our key allies put out a new joint Cybersecurity Advisory warning entities in both the public and private sectors that as a result of Russia’s ongoing invasion of Ukraine, the globe has a heightened risk of “malicious cyber activity.” It is believed that there will likely be a multitude of Russian initiated cyber offensives directed at Ukraine’s allies, particularly those which have levied sanctions that have been catastrophic to Russia’s economy.
The dangers are not limited to attacks from state-sponsored Advanced Persistent Threat Groups (APTs), however. As per the advisory, several Russian non-government affiliated hacking syndicates have “recently publicly pledged support for the Russian government.”
In fact, these groups have threatened to initiate hacking attacks against both governmental and private organizations that have provided materiel support to Ukraine over the past few months. Since the outbreak of war, there have been countless attacks against Ukrainian websites. These attacks are believed to be the work of sympathizers of the Russian military offensive.
The attacks have supplemented the Russian government’s efforts, as recent Russian hacking attacks have included distributed denial-of-service (DDoS) attacks in addition to malware attacks against the Ukrainian government as well as its domestic infrastructure.
New dangers like the ones that agencies like America’s Cybersecurity and Infrastructure Security Agency (CISA) warn of, have arrived just as lobbying groups for powerful financial sector entities that are regulated by the Securities and Exchange Commission (SEC) butt heads with corporate board members regarding the implementation of new cybersecurity reporting requirements for any SEC regulated company.
“The SEC’s actions in the past year, paired with recently released rules, draw a line under the critical role of management and boards in protecting not just investors and customers, but also the sound functioning of American business,” according to Friso van der Oord, Vice President at the National Association of Corporate Directors.
Lobbyists for these financial sector groups instead favor some newly proposed reporting protocols that have come as part of the Cyber Incident Reporting for Critical Infrastructure Act of 2022, which was created by CISA and was passed in March of this year as part of an omnibus bill. This act requires infrastructure entities, which can include certain financial services companies, energy, and other critical businesses, to report cybersecurity incidents or any ransoms paid to the government.
Anticipated changes brought by the act will not be immediately instituted however, as according to the text of the Act, CISA has until March of 2024 create proposed rules on what constitutes reportable offenses, and then until November of 2025 to define the final rules. So, more simply put, the act’s final thresholds for incident reporting will most likely not be defined for over 3 years.
Although the act’s current language seems to point to a long process to install reporting rules, CISA may possibly modify the act to move incident reporting rules along more quickly during what is expected to be a period of continued active hacking that is already under way. Some of the more devastating hacks, including the Russian-based Hermetic Wiper attacks, have already wreaked havoc on hundreds of organizations in the Ukraine with its ability to wipe out data on Windows systems.
In the last 12 months, America has seen how bad hacking could get with the Colonial Pipeline and JBS Foods cyberattacks that tackled the energy and food industries, respectively. Now CISA, as well as corresponding groups from allied countries, expect 2022 to be even more damaging. Should the current Ukraine conflict eventually have larger role for NATO and the US to play, the situation may develop into a Third World War punctuated by cyberattacks at an unprecedented level. Is that something that Joe Biden is ready to take on?
Julio Rivera is a business and political strategist, the Editorial Director for Reactionary Times, and a political commentator and columnist. His writing, which is focused on cybersecurity and politics, has been published by numerous websites and he is regularly seen on National and International news programming.
