Eastern European tensions foreshadow increased cyberattacks

Hogan Lovells
Contact

Hogan Lovells

Given the deteriorating security situation in Eastern Europe and the potential for widespread cyber disruptions should hostilities break out, we urge clients to re-examine their cybersecurity posture. The U.S. Cybersecurity and Infrastructure Security Agency released guidance describing the risks and identifying a number of steps that organizations should take without delay.

As Russian forces continue their steady build-up along Ukraine’s borders, the threat of war in central Europe grows. Russian troops and equipment are flowing west from bases in the vast east of the country, as NATO forces move to shore up the alliance’s eastern flank and some NATO member states have begun to render more substantial assistance to Kyiv. Diplomatic efforts are continuing.

While many military analysts believe that Russian forces are still several weeks away from being ready to mount a cross-border movement in force, this conflict, if it comes, will not likely not be confined to Ukraine. As has occurred in past crises between Ukraine and Russia, Kyiv is likely to see significant cyber disruptions as tensions intensify. Indeed, Ukraine was hit by a cyberattack earlier this month that affected dozens of government websites, most with defacement and some with data destruction.

Unlike in past crises, however, the effects may be felt beyond Ukraine if the U.S. and NATO military build-up in Eastern Europe continues or if the allies move forward on sanctions and other efforts to target Russia.

On January 24, as the Pentagon announced plans to put 8,500 U.S. troops on standby for rapid movement to Europe, press reports detailed a January 23 Intelligence and Analysis Bulletin sent to state and local law enforcement across the United States by the U.S. Department of Homeland Security. The DHS warning was pointed: "We assess that Russia would consider initiating a cyberattack against the Homeland if it perceived a U.S. or NATO response to a possible Russian invasion of Ukraine threatened its long-term national security." Russia is a full-spectrum cyber actor and has a "range of offensive cyber tools" it could use against U.S. networks, including "a low-level denial of service attack" or a "destructive" attack on critical infrastructure.

The DHS bulletin followed on the heels of a January 18 CISA Insights, issued “to ensure that senior leaders at every organization in the United States are aware of critical cyber risks and take urgent, near-term steps to reduce the likelihood and impact of a potentially damaging compromise.” The CISA document then listed a number of steps that organizations should take without delay.

While the situation in and around Ukraine remains fluid, the potential for conflict and past use of cyber in Russia – Ukraine bilateral crises heightens the risk for a disruptive cyber event. The steps outlined in CISA Insights are prudent measures that we recommend to our clients.

Next steps

Organizations, in particular those of strategic value to the U.S. and allied nations, should prepare for a potential increase in cyberattacks should hostilities between Russia and Ukraine continue to increase. The CISA Insights released on January 18, 2022, lists a number of steps that organizations should take without delay.

[View source.]

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Hogan Lovells | Attorney Advertising

Written by:

Hogan Lovells
Contact
more
less

Hogan Lovells on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
- hide
- hide

This website uses cookies to improve user experience, track anonymous site usage, store authorization tokens and permit sharing on social media networks. By continuing to browse this website you accept the use of cookies. Click here to read more about how we use cookies.