Missed a consultation of the Future of Work Summit?Visit our on-demand library of the Future of Work Summit to stream.

A report suggesting it is conceivable that Russia is contemplating a cyber attack on U. S. infrastructure. Amid tensions between countries over Ukraine, the U. S. government does not deserve to be ignored by the cybersecurity community.

Today, CNN reported that it had consulted a Department of Homeland Security (DHS) intelligence bulletin on the issue. The bulletin reported that, on the occasion of a Russian invasion of Ukraine, a U. S. reaction was not in the process of being a Russian invasion of Ukraine. offensive against goals in the United States.

Attacks can range “from low-level denials of service to destructive attacks targeting critical infrastructure,” according to the Jan. 23 bulletin, cited by CNN.

Kevin Breen, director of cyber risk studies at Immersive Labs, said in an email that “the latest DHS intelligence bulletin warning of a potential Russian cyber attack on the United States is not something to be taken lightly. ” .

“We have noticed remarkable ransomware teams operating outside this region, adding REvil and DarkSide, with the technical ability to temporarily and large-scale compromise giant networks,” Breen said. “It would be assumed that the geographical region that houses such crooked elements does not have the corresponding capacity. “

Other ransomware gangs known to operate in Russia include Conti, known for “attacking organizations where computer outages can have fatal consequences: hospitals, 911 operators, medical emergencies and law enforcement,” according to a report published last June through Palo. Alto Networks. Unit 42 Research Group.

Still, the DHS memo suggests that Russia “probably” maintains a “very high” threshold for carrying out a destructive cyber attack opposite targets in the United States, CNN reported.

“[We]ve not] observed Moscow directly employing such cyber attacks opposed to critical U. S. infrastructure. Despite possible cyber espionage and pre-positioning operations in the past,” the DHS bulletin said, according to CNN.

Breen noted that “an attack of a significant magnitude, adding a planned attack on critical U. S. infrastructure. In the U. S. , it would almost have broader geopolitical consequences. “

“With this new bulletin, the Department of Homeland Security assumes that to be warned is to be pre-armed, and preparation is key,” he said.

The DHS newsletter was distributed to critical infrastructure operators in the United States, as well as state and local governments, according to CNN.

Ken Westin, Cybereason’s director of security strategy, said his biggest fear about Russia is that it appears to have “an arsenal of zero-day exploits at its fingertips, as well as initial targets. “already. “

Still, the 0 days they possess would likely be used in the initial execution, “so there is a threat that Russia will deploy them and disclose their capabilities,” he said.

Ultimately, however, there remains great uncertainty about the intentions and full functions of Russia’s offensive cyber operations, and there is no explanation as to why at this point assuming that a cyber attack opposite targets in the United States is inevitable, Westin said.

“Intelligence alerts and reports for critical infrastructure and banks are done as a precaution to prepare organizations for what happens, not necessarily for what will happen,” he said.