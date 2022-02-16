Hackers are poised at the edge of a significant cyber fight, but they haven’t crossed the border yet – much like the broader military conflict right now.

Early this morning, a website disruption was still forcing the Ukrainian defense ministry website offline. Similar attacks hit the websites of the nation’s armed forces and several Ukrainian banks. Russia is the likeliest culprit, but no nation has yet firmly attributed the attacks to the Kremlin.

That’s a relatively minor attack in hacking terms. It’s called a distributed denial of service (DDoS) attack and involves flooding websites with digital requests until they’re forced offline. But it could be a signal of far more serious attacks that are ready.

“This is signaling,” Christian Sorenson, a former U.S. Cyber Command official and CEO of the cyber firm SightGain, told me. “It says, hey, we’re ratcheting things up, but we’re not crossing any huge red lines yet.”

Some Ukrainian citizens also received spam text messages claiming that ATM service was disrupted, Ukraine’s cyber police said. Together those attacks might, at most, slightly reduce public faith in the security of financial institutions. Earlier attacks against Ukrainian government computers were more serious, wiping out some data.

Going bigger

Russia is already laying the groundwork for bolder attacks.

Kremlin hackers have likely wormed their way into computer systems of Ukraine’s military and top energy firms and could disrupt them during a land invasion, according to newly declassified U.S. intelligence as reported by Ellen Nakashima and Alex Horton.

“The U.S. government has determined only that Russia could undertake disruptive cyberactivity, not that it will,” Ellen and Alex report.

U.S. officials are also preparing in case the conflict escalates to the point Russian hackers are going after U.S. targets — likely in response to Western sanctions.

“The concern is so great that on Friday the White House’s deputy national security adviser for cyber, Anne Neuberger, ran a tabletop exercise to ensure that federal agencies were prepared for Russian cyber-assaults that might take place in an escalating conflict with Moscow,” Ellen and Alex report.

Russia has a long and documented history of compromising critical infrastructure, such as banks and energy firms. Officials fear it could now use that access to cause significant damage.

Here’s Sandra Joyce, head of intelligence at the cyber firm Mandiant, in a blog post: “The U.S. and Europe have seen wave after wave of attempts to burrow into our sensitive critical infrastructure – attempts we believe were designed to prepare for a scenario such as the crisis that is unfolding in Ukraine today Without a doubt, the threat they pose is serious”

How it's going

The moves come amid broad uncertainty about whether the conflict is winding down or scaling up.

Russia said it has pulled back some of the roughly 150,000 troops massed on the Ukrainian borders with Russia and Belarus. But U.S. officials have not verified any movement, President Biden said in a public address yesterday.

“Our analysts indicate that they remain very much in a threatening position,” he said, while expressing hope the conflict can be resolved through diplomacy.

Biden also issued a stark warning. He pledged that the United States is “prepared to respond” to any “disruptive cyberattacks against our companies or critical infrastructure” targeting the United States or its allies.

What kind of response?

The likeliest answer is the same set of punishing sanctions and other economic measures that the White House has prepared in response to a physical attack on Ukraine.

But Biden has also raised the possibility of responding to Russian cyber aggression with retaliatory cyber strikes.

Anxiety is also high among Ukraine’s European neighbors.

In response to the Ukrainian DDoS attacks, Polish officials ramped up their cyber alert system, increasing cyber monitoring for all government tech systems, Reuters reports

Lithuania's central bank has told banks in the country to prepare for cyberattacks if the conflict worsens, including attacks that cut electricity or internet access, also per Reuters

The keys

U.S. intelligence officials accused a financial site of amplifying Russian propaganda

Zero Hedge has published articles by people affiliated with a U.S.-sanctioned foundation that the Biden administration says is linked to a Russian intelligence agency, the Associated Press’s Nomaan Merchant reports. The finance blog typically publishes articles about finance and politics, often from a conservative perspective.

“The officials said Zero Hedge, which has 1.2 million Twitter followers, published articles created by Moscow-controlled media that were then shared by outlets and people unaware of their nexus to Russian intelligence,” Merchant writes. “The officials did not say whether they thought Zero Hedge knew of any links to spy agencies and did not allege direct links between the website and Russia.”

The site rebutted the accusations, writing that “this website has never worked, collaborated or cooperated with Russia, nor are there any links to spy (or any other) agencies.” The site’s goal “is to provide a platform, a voice to anyone who has a unique, a .different, perspective from the one pushed by the mainstream media.”

Jan. 6 committee subpoenas officials who tried to overturn Biden’s win

The House committee subpoenaed two Trump campaign aides and current and former Republican officials in three battleground states, Tom Hamburger and Jacqueline Alemany report. The subpoenas come as the committee investigates the effort to have Trump electors cast votes for the former president in states that were certified as being won by Biden.

The officials include:

Arizona Republican Party chairwoman Kelli Ward

Arizona state Rep. Mark Finchem (R), who is running for Arizona secretary of state

Pennsylvania state senator and gubernatorial candidate Doug Mastriano (R)

Former Michigan Republican Party chair Laura Cox

Michael Roman and Gary Brown, the director and deputy director of Election Day operations for Trump’s reelection campaign

“The committee previously subpoenaed Trump electors from multiple states won by Biden that sent paperwork to Washington certifying their votes for Trump,” Tom and Jacqueline write. “Tuesday’s letter requests depositions into mid-March.”

A new bill aims to make kids safer online

The bill from Sens. Richard Blumenthal (D-Conn.) and Marsha Blackburn (R-Tenn.) would require social media companies to give children more control over personal data they share with those sites and impose the highest security and privacy settings by default, Cat Zakrzewski reports.

The bill would also require companies to ramp up parental controls for children under 16, including allowing them to limit screen time, view how long kids spend on particular sites and disable features aimed at extending time online.

“The bill also establishes an obligation for companies to prevent the promotion of self-harm, eating disorders, bullying and the sexual abuse of children,” Cat reports. “And it would allow the federal government to create a program for researchers to access data from companies so that they can do more research about tech’s potential harm of children and teens.”

