Industrial Security Experts Weigh-In: U.S. Sanctions Against Russian Research Institution
On Friday sanctions were issued against a Russian government research institution for cyber attacks committed against the critical infrastructure of US allies in the middle east. Cyber leaders from Nozomi Networks weighed in. Nozomi is a leading supplier of OT and IoT security and visibility for critical infrastructure, securing the world’s largest organizations including 8 of the Top 20 Oil & Gas, 6 of the Top 10 Pharma, 4 of the Top 10 Mining, and 4 of the Top 10 Utilities.
Suzanne Spaulding, Nozomi Networks Advisor and Former DHS Undersecretary:
“The sanctions are an important step in signaling how seriously we take any malicious cyber activity that poses a threat to human life or safety. And sanctions against a scientific research institute may impact the individuals who developed these tools more than sanctions against the Russian government might. Scientists thrive on their reputation. Accusing them of threatening peoples' lives, and impacting their ability to collaborate internationally, may actually impose significant cost.
“More broadly, when combined with other recent USG activity calling out Russian cyber activity, including recent indictments and alerts, Russia should be on notice that they cannot act with impunity--or at least not without attribution. The timing may be intended to warn against hacking into election infrastructure, or it may be designed to look tough on Russia for the American electorate, or both.”
Mr. Andrea Carcano, Nozomi Networks Co-founder:
“When Nozomi Networks analyzed the Triton malware in 2018, our findings led us to believe that while Triton failed, the attacker(s) could have just as easily succeeded in injecting the final payload. This realization, combined with the knowledge that a growing number of nation-state adversaries and other hackers have critical infrastructure in their sights, calls for vigorous defense of our national critical infrastructure.
“No single entity can solve this global issue; rather, end users, third-party suppliers, integrators, standards bodies, industry groups and government agencies must work together to help the global manufacturing industry withstand cyberattacks and protect the world’s most critical operations and the people and communities we all serve.
“The perfect storm of increasing cyber threats, digital transformation and IT/OT convergence means organizations must move swiftly to shore up their defenses with solid cybersecurity programs that deliver deep visibility and effective security that spans OT and IoT networks and devices.”