DHS warns of Russian cyberattack on US if it responds to Ukraine invasion

It comes as tensions are running high in the region.

January 24, 2022, 12:41 PM

As tensions rise in the standoff over Ukraine, the Department of Homeland Security has warned that the U.S. response to a possible Russian invasion could result in a cyberattack launched against the U.S. by the Russian government or its proxies.

"We assess that Russia would consider initiating a cyber attack against the Homeland if it perceived a US or NATO response to a possible Russian invasion of Ukraine threatened its long-term national security," a DHS Intelligence and Analysis bulletin sent to law enforcement agencies around the country and obtained by ABC News said.

The bulletin was dated Jan. 23, 2022.

Russia, DHS said, has a "range of offensive cyber tools that it could employ against US networks," and the attacks could range from a low level denial of service attack, to "destructive" attacks targeting critical infrastructure.

"We assess that Russia's threshold for conducting disruptive or destructive cyber attacks in the Homeland probably remains very high and we have not observed Moscow directly employ these types of cyber attacks against US critical infrastructure—notwithstanding cyber espionage and potential prepositioning operations in the past," the bulletin said.

PHOTO: In this Dec. 11, 2014, file photo, the U.S. Department of Homeland Security (DHS) seal hangs on a fence at the agency's headquarters in Washington, D.C.
In this Dec. 11, 2014, file photo, the U.S. Department of Homeland Security (DHS) seal hangs on a fence at the agency's headquarters in Washington, D.C.
Bloomberg via Getty Images, FILE

Last year, cybercriminals based in Russia caused two of the most destructive cyberattacks in recent memory, the U.S. has said. Colonial Pipeline was the victim of a ransomware attack in May 2021, shutting down operations and causing widespread outages across the country, and meat supplier JBS had its operations shutdown due to Russian based hackers.

Russia is also responsible for the SolarWinds breach in late 202o, the U.S. has said, where the U.S. says Russian-backed cybercriminals gained access to 10 U.S. government agencies including the Department of Homeland Security and Department of Commerce.

DHS says Russia "continues to target" and gain access to critical infrastructure in the United States, but Russia does not limit itself to conducting cyber operations just in the U.S.

The bulletin says in 2015 and 2016, Russian military intelligence assets launched a cyberattack against Ukraine's power grid. Although the bulletin doesn't mention it, Ukrainian officials most recently pointed the finger at Russia for another cyber outage, shutting down government websites.

The Department regularly shares information regarding a variety of issues, with federal, local and state partners, a DHS spokesperson said.

"We have increased operational partnerships between private sector companies and the federal government to strengthen our nation’s cyber defenses, including through CISA’s newly established Joint Cyber Defense Collaborative (JCDC)," the spokesperson continued.

Homeland Security Secretary Alejandro Mayorkas told reporters last week that the United States is on a "heightened alert" for cyberattacks given "geopolitical landscape."

He told reporters at the U.S. Conference of Mayors on Thursday that it is "difficult to calibrate the likelihood" of something happening.

"The whole point is, when the specter of harm arises, we call for vigilance and quite frankly, in the cybersecurity arena. ever present vigilance is what we call for," he said.

Related Topics