CISA Urges 'Increased Vigilance' for Cyber Threats on Anniversary of Russia’s Invasion of Ukraine

The Cybersecurity and Infrastructure Security Agency on Thursday warned the United States and its European allies to remain on guard against cyber threats as Russia’s full-scale invasion of Ukraine reaches its one-year anniversary.

In an alert, CISA said it “urges increased vigilance” as Moscow’s war against its neighbor has largely united Western nations in imposing sanctions on Russia and providing military support and aid to the Ukrainian military and people. 

“CISA assesses that the United States and European nations may experience disruptive and defacement attacks against websites in an attempt to sow chaos and societal discord on February 24, 2023, the anniversary of Russia's 2022 invasion of Ukraine,” the agency said. “CISA urges organizations and individuals to increase their cyber vigilance in response to this potential threat.”

CISA directed individuals, agencies and organizations to use its cybersecurity resources to bolster their defenses, including the agency’s distributed denial of service—or DDoS—attack guidance for organizations and federal agencies, and its “Shields Up” webpage, which CISA said “provides resources to increase organizational vigilance and keep the public informed about current cybersecurity threats.”

Although experts have warned about Russia’s cyber capabilities since last year’s invasion, far-reaching cyber operations outside of Ukraine have yet to materialize—and no major cyberattacks tied to Russian actors have transpired on the war’s one-year anniversary, as of this article’s publication.

A report released by Google’s Threat Analysis Group on Feb. 16 found that cyber operations targeting users in NATO countries “increased over 300%” from 2020 to 2022, even as those directed against users in Ukraine increased 250% during the same time period. But most of Moscow’s cyber operations have remained focused on Ukraine, with the report noting that, over the course of 2022, “Russian government-backed attackers targeted users in Ukraine more than any other country.”

The U.S. government has also been providing Kyiv with intelligence and resources to help defend against Russian cyberattacks, which experts have cited as preventing Moscow’s digital attacks from having more of an impact in Ukraine, or allowing its cyber operations to focus more broadly on other nations. 

Homeland Security Secretary Alejandro Mayorkas said in a statement on Friday that the department “remains committed to supporting the Ukrainian people and to honoring the United States’ commitment to provide humanitarian relief to those who are fleeing Russia’s unprovoked war.”

“From deterring cyberattacks to welcoming more than 270,000 Ukrainians to the United States, including more than 115,000 who have arrived through our Uniting for Ukraine program, DHS is proud to support Ukraine and its people,” he added. 

But even as Moscow’s cyber operations have seen mixed success, there are some signs that the full scale of these digital efforts remains largely unknown—at least to the general public. 

A report released earlier this week by two of the Netherlands’ military agencies cautioned that many of Russia’s cyber operations—particularly those directed at Ukraine and NATO members over the past year—”have not yet become public knowledge,” due in part to the fact that “the pace of Russian cyber operations is fast.” But the report noted that the success of Moscow’s cyber operations has been “limited,” largely as a result of enhanced awareness on the part of Western nations and Ukraine’s enhanced digital defenses.