Russia is already known for its involvement in cyber attacks around the world.
The United States has often been the target of these malicious Russian attacks.
An article by CISA (Cybersecurity and Infrastructure Security Agency) mentions various Russian state-sponsored cyber attacks that have taken place over the years in various sectors in the United States.
“Russian state-sponsored APT actors have used sophisticated cyber capabilities to target a variety of U.S. and international critical infrastructure organizations, including those in the Defense Industrial Base as well as the Healthcare and Public Health, Energy, Telecommunications, and Government Facilities Sectors.”, says the CISA article.
From 2011 until today, there have been numerous Russian state-sponsored cyber attacks on key institutions in the US and Ukraine.
“High-profile cyber activity publicly attributed to Russian state-sponsored APT actors by U.S. government reporting and legal actions includes:
Russian state-sponsored APT actors targeting state, local, tribal, and territorial (SLTT) governments and aviation networks, September 2020, through at least December 2020. Russian state-sponsored APT actors targeted dozens of SLTT government and aviation networks. The actors successfully compromised networks and exfiltrated data from multiple victims.
Russian state-sponsored APT actors’ global Energy Sector intrusion campaign, 2011 to 2018. These Russian state-sponsored APT actors conducted a multi-stage intrusion campaign in which they gained remote access to U.S. and international Energy Sector networks, deployed ICS-focused malware, and collected and exfiltrated enterprise and ICS-related data.
Russian state-sponsored APT actors’ campaign against Ukrainian critical infrastructure, 2015 and 2016. Russian state-sponsored APT actors conducted a cyberattack against Ukrainian energy distribution companies, leading to multiple companies experiencing unplanned power outages in December 2015. The actors deployed BlackEnergy malware to steal user credentials and used its destructive malware component, KillDisk, to make infected computers inoperable. In 2016, these actors conducted a cyber-intrusion campaign against a Ukrainian electrical transmission company and deployed CrashOverride malware specifically designed to attack power grids.”
Preventing these attacks is the goal of CISA, so that Russia’s involvement in the US and other countries, through the collection of data from cyber attacks, is as low as possible.