We’ve heard for more than a month of an imminent cyber-attack. Nothing, at least as far as we know, has happened yet. But U.S. intelligence and cyber-security experts report they’ve seen evidence of Russian hackers actively looking for entryways into our energy and banking networks. Entryways that could be through someone’s personal computer.
Rick Holland, the Chief Information Security Officer at Dark Shadows, a cyber-security company that protects businesses from vulnerabilities says he thinks “It’s a clear and present danger for us now.”
Holland said Americans should not panic, but everyone should know how cyber attacks can be carried out by Russian state actors.
“So they may target someone that works at a bank, they may target someone who works at one of these energy companies and compromise their personal account.”
Which is easier than you might expect. Last year’s cyber attack and shut down of the Colonial Pipeline, was the result of a single compromised password.
For the past two-plus years, many employees of regional power companies and banks were forced to work remotely. Some may have used a personal computer for work or used a work computer to check social media or personal email.
Holland says Americans should take steps now.
“It’s security hygiene, sort of like brushing your teeth, flossing your teeth,” said Holland. “It’s a similar thing on the cyber front. it’s using multi-factor authentication, making sure your machines are up to date and patched. You wouldn’t want the machine you use at home or an account you use to somehow be used in a larger campaign for cybercriminals or Russia or another state actor.”
Google Chrome and Windows released urgent updates with security patches a few weeks ago. Make sure it’s installed. Don’t use the same passwords for social media that you use for bank and credit card companies or payments to utility companies and don’t click suspicious links in emails.
“The good news is if you do the things like update your anti-virus, patch your machine use multi-factor authentication. it’s going to protect you against lowly opportunistic cybercriminals to a targeted attack from somebody with more sophisticated aims,” Holland adds.
The department of defense warns it is possible that tens of thousands of computers across the country are already infected with malware, ready to unleash an attack by someone in Russia simply pressing the enter key on their own computer. The more desperate Putin becomes, the more likely he’ll resort to cyber attacks on the U.S.