Let Your Rabid Leftist Friends And Family Go
The Holiday Survival Guide (Trump WON Edition)
New York Democrat Issues Warning to His Party About Hochul
A Quick Bible Study Vol. 243: What the New Testament Says About Fearing...
Avoiding Self-Inflicted Trade and Economic Wounds
Democrats Ramp Up Their Criticism of Tulsi Gabbard
Why We Should Be Concerned Over the Philippine VP’s Comments
These Democratic Senators Could Sure Be in Trouble After Voting for Sanders' Anti-Israel...
Top Democrat Leader Obliterates The View’s Reasoning for Why Trump Won
Joe Rogan, Elon Musk Hilariously Spark Exchange On X Over Failing MSNBC
Matt Gaetz for Florida Governor?
Trump to Create New Position to Deal With Ukraine
Giving Thanks Is Good For You
The Hidden Pro-Life Message You Missed at Miss Universe
The Border's Broken Vetting System: Why We Can't Wait to Fix It
OPINION

New Joint Advisory Against Russia-Based Hacking Released as Financial Sector Fights SEC Regulations

The opinions expressed by columnists are their own and do not necessarily represent the views of Townhall.com.
Advertisement
Advertisement
Advertisement
AP Photo/Vadim Ghirda

Earlier this month, cybersecurity agencies from the US, Australia, Canada, New Zealand, and the United Kingdom, created a joint Cybersecurity Advisory that warned organizations globally of impending cyber danger as a result of Russia’s controversial invasion of Ukraine. It is thought that there will soon be an increase in Russian-based cyber-attacks targeting the allies of Ukraine that have levied sanctions catastrophic to Russia’s economy. Countries known to have provided military support to Ukraine are also thought to be at an increased risk of Russian cyberattacks.

Advertisement

This new warning is not limited to hacking attacks from state-sponsored Advanced Persistent Threat Groups (APTs), as the advisory states that several Russia-based, non-government affiliated cyber groups have “recently publicly pledged support for the Russian government.” These gangs intend to retaliate for hacks that may have targeted the Russian government or its citizens.

In addition, some cyber gangs have threatened to attack countries and private organizations that are providing materiel support to Ukraine. We have already seen repeated attacks against Ukrainian websites from groups that are believed to be in support of the Russian military offensive over the past several weeks.

Those attacks supplement the Russian government’s own efforts, as recently there has been a rise in Russia-based state-sponsored hacks including distributed denial-of-service (DDoS) attacks in addition to malware and ransomware attacks targeting the Ukrainian government as well as its critical infrastructure. 

These new threats of increased hacking happen just as lobbyists for the financial sector butt heads with the Securities and Exchange Commission (SEC) regarding the implementation of new reporting requirements for SEC regulated entities that force publicly traded companies to disclose cybersecurity incidents.

“The SEC’s actions in the past year, paired with recently released rules, draw a line under the critical role of management and boards in protecting not just investors and customers, but also the sound functioning of American business,” according to Friso van der Oord of the National Association of Corporate Directors.

Advertisement

The lobbyists favor newly proposed reporting rules that come as part of the Cyber Incident Reporting for Critical Infrastructure Act of 2022, created by CISA. The act requires critical infrastructure companies, which may include financial services entities, energy outfits, and other businesses, to report any cybersecurity incidents or ransoms paid to the government.

The changes are not to be immediately instituted, however, as according to the bill, CISA has 24 months after the bill’s passage in March of this year to create proposed rules on what constitutes a reportable offense, and then another 18 months after the proposed rule to define the final rule. So, in plain English, it means that the Cyber Incident Reporting for Critical Infrastructure Act of 2022’s final thresholds for incident reporting may not be completely defined for as long as over three years as currently written.

Despite the text of the act, as a result of global instability due to Russian President Vladimir Putin’s ongoing war, CISA can possibly modify the law to move it along more quickly during what it expected to be a period of increased cyber activity that is already well under way, with hacks that include the Russian-based Hermetic Wiper attacks having already had a devastating effect on hundreds of organizations in Ukraine with its ability to wipe out data on Windows PCs.

After 2021 saw hacking explode in the US with the devastating Colonial Pipeline and JBS Foods cyberattacks, CISA, as well as corresponding groups globally, expect 2022 to be an even more damaging year. If this current Ukraine conflict should spiral into a larger war involving the US and NATO, we can easily see this situation develop into a Third World War punctuated by cyber-attacks at an unprecedented level.

Advertisement

Julio Rivera is a business and political strategist, the Editorial Director for Reactionary Times, and a political commentator and columnist. His writing, which is focused on cybersecurity and politics, has been published by numerous websites and he is regularly seen on National and International news programming.

Join the conversation as a VIP Member

Recommended

Trending on Townhall Videos