Russia’s unprovoked attack on Ukraine, which has been accompanied by cyber-attacks on Ukrainian government and critical infrastructure organizations, may have consequences for our own nation’s critical infrastructure, a potential we’ve been warning about for months.
While there are no specific or credible cyber threats to the U.S. homeland at this time, we are mindful of the potential for Russia’s destabilizing actions to impact organizations both within and beyond the region, particularly in the wake of sanctions imposed by the United States and our Allies. Every organization—large and small—must be prepared to respond to disruptive cyber activity.
CISA, along with our partners in the U.S. Intelligence Community, law enforcement, the military, and sector risk management agencies, is monitoring the threat environment 24/7 to discern whether those threats manifest themselves in risks to the U.S. homeland.
In the wake of continued denial of service and destructive malware attacks affecting Ukraine and other countries in the region, we are working very closely with our Joint Cyber Defense Collaborative (JCDC) and international computer emergency readiness team (CERT) partners to understand and rapidly share information on these ongoing malicious cyber activities.
As the nation’s cyber defense agency, CISA stands ready to help organizations respond to cyber-attacks. When cyber incidents are reported quickly, we can use this information to render assistance and as warning to prevent other organizations and entities from falling victim to a similar attack.
In today’s highly connected and complex technology environment it has become increasingly challenging to completely prevent incidents that may disrupt business operations, especially given the dependencies on supply chains where there is inherently imperfect control.
This current environment requires us all to be laser-focused on resilience. This must include a focus on ensuring preparedness and a rapid, coordinated response to mitigate the impact of such disruptions on our national security, economic prosperity, or public health and safety.
CISA has been working closely with our critical infrastructure partners over the past several months to ensure awareness of potential threats—part of a paradigm shift from being reactive to being proactive.
As part of this effort, we recognize that many critical infrastructure or state, local, tribal, and territorial governments find it challenging to identify resources for urgent security improvements.
In response, CISA has established a catalog of free services from government partners, the open source community, and JCDC companies to assist with this critical need.