The U.S. Department of Homeland Security has issued a warning that Russia may launch cyberattacks against the U.S. government and critical infrastructure operators ahead of a potential invasion of Ukraine.

The warning came in a DHS intelligence bulletin issued to law enforcement partners Sunday. “We assess that Russia would consider initiating a cyber attack against the Homeland if it perceived a U.S. or NATO response to a possible Russian invasion of Ukraine threatened its long-term national security,” the bulletin states.

Such attacks could range from “low-level denials-of-service to destructive attacks targeting critical infrastructure,” The Hill reported today. The bulletin added that Russia “almost certainly considers cyber attacks an acceptable option to respond to adversaries” because it cannot respond with the economic and diplomatic options often preferred by other countries.

Ukraine was targeted by a massive cyberattack earlier this month that knocked out key government websites. The country blamed Russia for the attack. Microsoft Corp. detailed the attack further on Jan. 17, describing it as using destructive malware designed to render computers unusable.

Russia is certainly capable of attacking targets in the U.S., with the country linked to the attack on Colonial Pipeline Co. last year.

It’s widely presumed that Russia will invade Ukraine in the coming weeks after amassing troops at the country’s border since the middle of last year. The U.S. and other countries have already begun to evacuate citizens from the country ahead of the potential invasion.

“It is considered fairly natural for cybersecurity attacks to accompany kinetic, real-world battles,” Roger Grimes, data-driven defense evangelist at security awareness training company KnowBe4 Inc., told SiliconANGLE. “What surprises me a bit is that it used to be that only the directly involved parties, government and government-related contractors and suppliers, had to be worried. But Russia has changed that equation enormously over the last year.”

Now, he added, “nation-state attacks are happening by the tens of thousands and occurring against organizations with no direct government affiliation. Everyone is apparently a ‘fair target’ these days. It is really a change in the state of nation-state attacks and cyberwarfare.”

Still, we’ve yet to see cyberattacks used in concert with a full-fledged military campaign, noted Tim Erlin, vice president of strategy at cybersecurity and compliance solutions firm Tripwire Inc. “DHS’s warning sets that expectation that something has changed in the threat profile and that organizations should be prepared for a change in the types of attacks they see,” he said.

Tom Garrubba, vice president at third-party risk management company Shared Assessments LLC, warned that all organizations should be operating at an increased “state of alert”  as the threat environment has expanded greatly thanks to geopolitical issues.

“As the threat environment continues to change, proper diligence is expected, and hopefully mandated, to ensure all cyber defensive tools and techniques are employed to protect your most precious data assets,” Garrubba said. “Continuous intelligence, monitoring, and dialogue with critical partners and suppliers should be ongoing to ensure all is ready in the event recovery needs or and additional support is available in the event something was to occur.”

Image: DHS