“That’s why we are so focused on ensuring that everyone understands the potential of this cyber-disruptive activity,” Easterly said. “And this is not about panic. It is about preparation.”
Easterly cited the example of a cybercrime attack on the Colonial Pipeline last year, which cut off fuel delivery to the East Coast for days and led Americans to accumulate gasoline.
The Biden administration has warned for months that Moscow could respond to US sanctions over Russia’s invasion of Ukraine with cyber-attacks on US infrastructure – or that ransomware gangs like the one that hit the Colonial Pipeline could attack.
“The size of Russia’s cyber capacity is quite significant and is coming,” President Joe Biden told business leaders on March 21.
Easterly called Biden’s statement that Russia was carrying out “preparatory work” for a possible cyber attack “quite unprecedented”.
“I think what makes it different right now is just looking at what the Russians did with this unprovoked invasion of Ukraine and then realizing that there could be some very real consequences in cyberspace,” Easterly told CNN.
Founded in 2018, Easterly advises owners and operators of power stations, power plants and other critical infrastructure on how to defend against such threats.
Agencies such as CISA and the Treasury and Energy Ministries have been conducting cyber threat updates in recent months on Russian piracy for America’s largest banks and utilities.
Many of these critical infrastructure operators have spent years investing in network defense and studying high-profile Russian cyberattacks, such as the one that cut off power to Ukraine for a quarter of a million people.
One month after the war in Ukraine, the Russian army has stumbled and failed to occupy the capital Kiev.
“I would imagine there was a lot of pressure, a lot of stress not only on the Russian military, but also on Russian intelligence officers,” said Easterly, a former U.S. military intelligence officer.
