Five allied countries including the United States warned Wednesday that “evolving intelligence” indicated Russia was poised to launch powerful cyberattacks against rivals supporting Ukraine.
The members of the “Five Eyes” intelligence sharing network — the US, Britain, Canada, Australia and New Zealand — said Moscow could also involve existing cybercrime groups in launching attacks on governments, institutions and businesses.
“Evolving intelligence indicates that the Russian government is exploring options for potential cyberattacks,” they said in an official cyber threat alert.
“Russia’s invasion of Ukraine could expose organizations both within and beyond the region to increased malicious cyber activity. This activity may occur as a response to the unprecedented economic costs imposed on Russia as well as materiel support provided by the United States and US allies and partners,” it said.
In addition, it said, “some cybercrime groups have recently publicly pledged support for the Russian government. ”
“Some groups have also threatened to conduct cyber operations against countries and organizations providing materiel support to Ukraine,” it said.
Washington has warned since Russia invaded Ukraine on February 24 that a part of its campaign could involve hefty cyberattacks against Kyiv and its Western supporters.
But such threats have yet to materialize in a substantial way.
In recent weeks, as Moscow pulled back troops from northern Ukraine where they failed to seize Kyiv, warnings have picked up of possible cyberattacks against NATO allies supplying the country with weapons and increasing sanctions on Russia.
Wednesday’s alert said Russian state-sponsored cyber actors have the ability to compromise IT networks, to steal large amounts of data from them while remaining hidden, to deploy destructive malware and to lock down networks with “distributed denial of service” attacks.
The alert identified more than a dozen hacking groups, both parts of Russian intelligence and military bodies and privately operated, which present threats.
It warned that infrastructure could be particularly targeted in countries Moscow might want to take action against.
“US, Australian, Canadian, New Zealand, and UK cybersecurity authorities urge critical infrastructure network defenders to prepare for and mitigate potential cyber threats — including destructive malware, ransomware, DDoS attacks, and cyber espionage — by hardening their cyber defenses and performing due diligence in identifying indicators of malicious activity,” the alert said.