WASHINGTON – As the United States ratchets up sanctions against Russia over the Ukrainian crisis, U.S. security officials are concerned that Moscow could retaliate with cyber-attacks on computer networks used by U.S. banks and other financial institutions.
U.S. and Western sanctions to date have targeted the financial assets of advisers close to Russian President Vladimir Putin, although he personally hasn’t been sanctioned.
The restrictions also are said to include access to technology wthat would be essential for Russian space flights, which could include taking American astronauts to the International Space Station.
Now the U.S. and Western allies are planning additional sanctions on Russia aimed at particular areas of the Russian economy, including the banking system.
The fact that the latest sanctions also include a cutoff of access to high technology led Russian Deputy Foreign Minister Sergei Ryabkov to condemn the punishment and warn that Moscow’s “response will have a painful effect on Washington.”
The sanctions by Washington and members of the European Union – who rely on Russia for some 30 percent of their energy needs along with hundreds of billions of dollars in trade – followed Russia’s annexation of Ukraine’s Crimean Peninsula March 16.
But Russian hackers are known to be some of the most skilled in the world in taking down computer systems and in stealing money. Analysts estimate that the Russian cyber-crime industry is responsible for at least a third of all viruses, malicious software or malware.
For example, it was 17-year-old Sergey Taraspov from St. Petersburg, Russia, who wrote the program that resulted in the massive data breach at Target, Neiman Marcus and other American retailers last December.
After developing the program, he sold it for $2,000. But sources say that at least 40 separate criminal elements from the former Soviet Union are using the same code to attack American retailers and the credit cards of 110 million U.S. shoppers have been affected.
According to Bloomberg’s Businessweek, the Financial Services Roundtable, FSR, that includes Citigroup Inc. and Bank of America is closely monitoring any potential attack.
Paul Smocer of FSR acknowledged that a cyber-attack is a real concern.
“Nation-states’ ability to launch cyber-attacks is certainly real nowadays, and so in any conflict, I think that the possibility exists as we worry about escalation,” Smocer said.
Security experts acknowledge that if Russia retaliated with cyber-attacks on the U.S. banking system, it may be difficult to trace their origin, since hackers are able to mask their identities and online locations.
In addition to the U.S. banking system, security experts are concerned that U.S. manufacturing and energy transmission and distribution networks nationwide could be targeted.
However, there is little that the U.S. can do to curb potential attacks since Congress has failed to pass new legislation to allow companies to share information on cyber-attacks.
The legislation would have allowed such information exchange without concern for anti-trust action or shareholder liability suits.
Security experts are well aware of denial-of-service attacks that Russian hackers are capable of staging. The hackers would have ample U.S. targets including off-the-shelf routers which exist in many American homes, in addition to sophisticated financial institutions.
Russian hackers already are thought to have infiltrated U.S. computer networks. Considering the amount of business conducted on the Web, security experts say that such attacks could have an adverse impact on an American economy that is experiencing a slow recovery.
“Our experience and evidence tends to support the notion that Russia is sufficiently organized and equipped to wage a very effective cyber-guerrilla campaign against the U.S. and avoid public attribution,” said Rodney Joffe, senior vice president of Neustar Inc. of Sterling, Virginia.