Cyberattacks: Sanctions on Russia may ‘draw some fire’ on U.S., Prevailion CEO says

Prevailion CEO Karim Hijazi sits down with Yahoo Finance Live to discuss the likelihood of cyberattacks if sanctions were levied against Russia and how vulnerable American infrastructure may be to hackers.

Video Transcript

[MUSIC PLAYING]

- The US is no stranger to cybersecurity attacks from Russia. But in the wake of rising tensions, the FBI has warned of a potential increase in state-sponsored cyber attacks. Here to help us discuss it all-- Karim Hijazi from Prevailion, the CEO there. Karim, thanks so much for joining us today. And of course, some breaking news that I just want to bring to your attention happened a few minutes ago. The US is reimposing sanctions on Nord Stream 2 in response to Russia's aggression.

That is not going to make Moscow very happy. We have already heard about the threats of potential cyber attacks. And earlier on today, Ukraine already saying some government websites have been the victims of cyber attacks. Of course, not blaming Russia directly, but it wouldn't be the first time that that has happened. How much is that a surprise to you?

KARIM HIJAZI: Great to be here, thank you for having me. Not a surprise at all. I think that we've been watching this really vigilantly over the last several weeks, if not months at this point. And I think, you know, the breaking news that you just referred to is going to add to the context that Russia, in its efforts with Ukraine specifically-- this may redirect some of that spite in our direction directly.

You know, we've been worried about the supply chain nature of the attacks on Ukraine, the wormability of a threat that might be deployed there, similar to what we saw with NotPetya years ago. And that's been the concern. But now with the sanctions, which I understand are a needed effort, that does start to draw some fire directly onto us, which is a greater concern now.

- And then how vulnerable are we? And which sectors are the most vulnerable? Are they the power sector, water? Or are they those tied to efforts to aid Ukraine-- for example, government agencies and military operations?

KARIM HIJAZI: Yes, I think it's both, honestly. Not to sort of cast a wide net, but it really is all intertwined. The nature of our world today is so interconnected with supply chain and third party partnerships that unfortunately a lot of private sector and public sector and military and government agencies are inextricably connected, whether it's in country or externally. So, the concerns are that if an organization in the Ukraine may be hit, or an industry for that matter in the Ukraine may be hit, there could be US companies or allied companies that are there that sort of get caught in the crossfire or laterally infected by whatever is used there to attack that environment. And that would then proliferate onto the home country, right.

So, unfortunately, to answer your question explicitly, yes, absolutely critical infrastructure is of high concern. Because that's going to have the broadest implications for natural course of things and daily life for everyone. But unfortunately, the attacks on the private sector that directly support those environments are going to likely be what is looked at by these nation-state actors. Because the security and the operational security of those environments are less typically than some of the more armored and equipped institutions. Right, so it's that easy conduit or easy vector, which is what we're worried is going to be leveraged.

- Do you think that any attack, any cyber attack, on the US is considered crossing the line? How does the US decide how egregious an attack is if they choose to then retaliate, for example?

KARIM HIJAZI: It's a great question. And it's something that we've been debating for a very long time, because what is considered an act of war has been a debated situation. You know, there could be an attack that was intended to be fairly targeted and very specific and surgical in a region, but it then spirals out and actually results in an immense amount of chaos somewhere else. That could be constituted as an act of war onto the US.

So, in other words, something that wasn't even intended, versus a deliberate attack on like say a power grid or, god forbid, critical infrastructure like water treatment, where they alter something to where water becomes unpotable, undrinkable-- and now you create a biological attack. I mean, you know, I think we all have our feelings on what that would constitute. I think that that is absolutely an aggressive act that would warrant a very, very strong response. The question really is-- it's a very politically challenging question, I think.

To date, we've seen these nation-state actors honestly work with a level of restraint, because I think they've been benefiting too much off getting things from the US, whether it's financial gain or intellectual property gain. They haven't necessarily hurt us to the point where we're going to do anything back in a kinetic way. But I think, in the current climate we're in, there's every possibility that something that maybe isn't intended to be as dramatic could be-- similar to what I mentioned with the whole NotPetya situation several years ago in Ukraine.

- So what do we do to protect ourselves? Because the US is no stranger to Russian hacks. And we saw what happened with the JBS, the meat supply company, last year in that ransomware attack-- where the company had to pay $11 million to be able to resume their operations there. So, you know, what do we do to protect ourselves at this point? Because they've already infiltrated our system, right. They're already here. They've got their tenterhooks in the US.

KARIM HIJAZI: You're exactly right. And that's exactly what I was going to say-- is that the challenge we have now has gone beyond this idea that we need to sort of address vulnerabilities or proverbially patch our defenses. That's not really-- that's an issue certainly. We don't want to forego that effort. But it's far from the more critical issue, which is exactly what you suggested, which is there's an embedding of deployed essentially agents into these environments that are lying in wait, in a dormant state, waiting to be activated by a nation-state actor as and when they see fit.

And we're late to the game to sort of address this, because now this idea that there's vulnerability and that there's compromise-- two completely different things. We spent a lot of time and effort. And a lot of organizations have been designed to address the vulnerability aspect of things, which sadly are not actually the vector that these adversaries are using to get in. They're using things like phishing techniques that essentially hack the individual, not the computer. And they're getting in, whether there's a vulnerability or not.

And it's those latent infections that you were referring to that really, really keep us up at night. And unfortunately, I have to say that we're sort of late to the party to sort of get those removed, because it is a removal effort versus a patching effort. And that's a much more involved process.
