Putin is leading attacks on the United States through cyberspace. Here’s how businesses can stay safe


For today’s Russia, the past is prologue.

The KGB was the vanguard of the Soviet Union. The Cold War was all about cloak-and-dagger espionage. Russian President Vladimir Putin served in the KGB and later as director of Russia’s ruthless security police, the FSB. Not surprisingly, then, he is leading full-scale attacks on the United States in the unregulated, wide-open and man-made realm of cyberspace, which has become the basic infrastructure of commerce and 21st century freedom of expression.

The Kremlin allows criminal cyber-hacking groups like DarkSide and REvil to take root in its territory.

In April 2021, DarkSide launched a cyberattack on Colonial Pipeline, the largest oil pipeline in the United States, which was forced to shut down its network for days. DarkSide hacked into the network using a compromised password, encrypted files to deny access to Colonial Pipeline administrators, and extorted a $5 million bitcoin ransom from the company to restore service.


REvil carried out a destructive cyberattack in May 2021 against JBS, the world’s largest meat processing company. REvil struck again in July with a supply chain ransomware attack on Kaseya, which resulted in the compromise of more than 1,000 companies.

More recently, the Russian Secret Service, notorious for hacking into American social media, the Democratic National Committee and Secretary Clinton’s mail server, penetrated SolarWinds’ operating systems and spread malware in its “Orion” security software, through which Russia obtained a backdoor into the computer systems of 30,000 SolarWinds clients, including large Fortune 500 companies. The Kremlin has stolen protected information from a host of private sector organizations and US government agencies.


During the Cold War, CIA officers devised a set of “Moscow Rules”, which referred to the sophisticated tradecraft they used behind enemy lines to carry out espionage activities against the Soviet evil empire.


The key to Cold War Moscow rules was to see the world through the eyes of the enemy. In today’s world, this means understanding the strategy and tactics of the threat actors. The goal of today’s new Moscow rules is to mitigate risk, while being able to reap all the business and other benefits of working and living in cyberspace.

First rule: Know the opposition and its terrain intimately. Much like intelligence officers who walked surveillance detection routes in Moscow to determine if they had a KGB tail, the best time to spot hackers and other malicious actors is when they are in the surveillance phase before the attack. Cyberattacks do not happen from a cold start without prior planning and signatures. Proactively connecting to networks and chat rooms where attacks are planned, as well as using cognitive computing to sift through big data, enables the collection of enemy attack plans.

Bringing together security, human resources, managers and IT stakeholders to ensure that as much vulnerability and threat information as possible is collected and shared results in the most effective countermeasures. Employees must have a secure channel to report social engineering and technical attacks.

Second rule: don’t rely exclusively on technology. Organizations need to strengthen their defenses by reducing vulnerable attack space with secure routers and servers; sophisticated firewalls and web codes; rigorous application of patches and backup protocols; and data encryption.

But humans, aka “the skin behind the keyboard,” beat technology every time. Even with all the technical tools available, companies that do not train their workforce in best practices in cyber hygiene will be vulnerable to attacks.

Businesses must have a strong and transparent insider threat program to deal with cyber threats resulting from both unwitting employees, who need training to fight hackers, and malicious employees.

Third rule: Always assume you’re compromised (meaning you’ve already been hacked). Businesses should have a business continuity strategy and data recovery plan, which includes operating offline in the event of a catastrophic insider attack or external ransomware. These types of attacks require proactive planning.

Russia is by no means the only state actor ruthlessly attacking the United States in cyberspace. But the Kremlin’s ubiquitous hacking operations rely on the most sophisticated and treacherous craft.

Effective cybersecurity means recognizing when your behavior makes you vulnerable to attack and strengthening all of your cyber defenses accordingly. Incorporating best practices, the new Moscow rules aim to defend not only against Russia, but also against adversaries like China, Iran and North Korea, not to mention competing companies and criminal groups.

Shawnee Delaney was an underground officer and former detachment chief of the Defense Intelligence Agency and computer specialist for the Department of Homeland Security for 10 years. She is a subject matter expert on insider threats and is the CEO of Vaillance Group.

Daniel N. Hoffman has been a Fox News contributor since May 2018. Prior to joining Fox News, Hoffman had a distinguished career at the Central Intelligence Agency, where he was three times Station Chief and Senior Undercover Service Manager. Follow him on Twitter @danielhoffmanDC.
