While it is unlikely New Jersey itself may feel significant shocks in the form of cyber attacks as the ripple-effects of the Russian invasion of Ukraine unfold, New Jersey businesses which operate in Russia and Ukraine may be at risk of bullying, pressure, harassment, or worse according to a former senior official from the New Jersey Office of Homeland Security and Preparedness.  New Jersey financial institutions and agencies may also be at risk of harmful cyber activity from foreign actors in support of Russian policy objectives.  Further, expect Facebook and other social media outlets to be deluged in misinformation, propaganda, and conspiracy theories aimed at eroding American unity.

On February 15, the New Jersey Cybersecurity and Communications Integration Cell (NJCCIC) had issued a statement warning that “malicious cyber activity” was likely to continue and increase with the commencement of hostilities between Kyiv and Moscow.

“Since the beginning of the conflict,” the NJCCIC report said, “there have been reports of website compromises and defacements, data destruction attacks, and ransomware incidents. When geopolitical conflicts develop, cyberattacks often precede or are used in tandem with destructive and violent physical attacks. They can be a tool to deter subsequent actions or to further harm their adversary.  Government support – diplomatic, financial, material, or otherwise – may lead a nation to become the target of a cyberattack even if they are not directly involved in the conflict. Not only should government agencies be extra vigilant during this time, but all organizations and businesses in the US should be on heightened alert for malicious cyber activity targeting their networks as adversaries may target networks and systems indiscriminately.”

The NJCCIC warned that Russia has “extensive” cyber capabilities which have “historically targeted critical infrastructure; including energy and water utilities, government organizations, healthcare, and telecommunications.”  The Kremlin or their proxies may have also already infiltrated networks and are “biding their time” should it be decided to take further action.

The report added “…while cyberattacks occurring during geopolitical conflicts are likely meant to only impact their intended target(s) – as the world experienced during the NotPetya attack of 2017 – borders do not exist in cyberspace and once malware is deployed, it has the potential to infect vulnerable systems across the globe. Along with cyber threat activity, Russia is likely to engage in disinformation campaigns in attempts to garner support for the Russian Government and their actions, and/or to sow unrest and division.”

To that end, the NJCCIC recommended that entities potentially at risk review their cybersecurity measures; update their response and operations plans; segment networks; apply “the Principle of Least Privilege”—or in other words, enable a system only those privileges and routes of access necessary to accomplish their tasks and no more; employ multi-step authentication for their users and networks; establish or maintain data backup systems, including having separate, offline copies somewhere secure; update their systems; disable protocols and ports no longer in use; and other guidance.  “If industrial control systems (ICS) or other operational technology is used, test manual controls to ensure that critical functions can continue if a network becomes unavailable.”

Insider NJ’s source asked not to be named and emphasized that they were speaking on their own, offering their own insights, and not on behalf of the Office of New Jersey Homeland Security and Preparedness.

“When tensions between Russia and the US escalate,” the former senior official said, “Russia has a tendency to put pressure on US based companies, particularly US based companies that have some sort of assets or personnel in Russia, so Google, Facebook, etc. They have offices, people, all that stuff in Russia because they’re doing business there.  It’s really easy for Russia to pressure those companies because they’re there in the motherland.  If you have large New Jersey companies that have offices or personnel in Russia, what plans do you have for your operations?  What are their vulnerabilities?  That sort of thing.”

The source said that last September, during Russia’s parliamentary elections, several tech and social media companies had been hosting content for parties and candidates in opposition to Putin.  The government responded by pressuring those firms to remove the content by labeling it illegal or extremist.  “What I mean by ‘pressure’ is, there are media reports that Russian law enforcement showed up at the offices and said, ‘You’re going to take this down now’ and there was at least an implicit threat of physical force.  Of course, hidden behind that are the Russian government’s threats that they’re going to fine the company a lot of money, or seize the company’s assets.  So, there is at least the potential for damage to the company, whether fines, maybe even throwing employees into jail.”

The US Department of State issued a Level 4 “Do Not Travel” advisory to Americans who might be going to Russia.  The Department of State warned that “U.S. citizens, including former and current U.S. government and military personnel and private citizens engaged in business, who are visiting or residing in Russia have been interrogated without cause, and threatened by Russian officials and may become victims of harassment, mistreatment, and extortion.  All U.S. government personnel should carefully consider their need to travel to Russia.”

The State Department further warned that Russian security services have arrested American citizens on “spurious charges” and been denied “fair and transparent treatment, and have convicted them in secret trials and/or without presenting evidence.  Russian officials may unreasonably delay U.S. consular assistance to detained U.S. citizens.  Russian authorities arbitrarily enforce local laws against U.S. citizen religious workers and open questionable criminal investigations against U.S. citizens engaged in religious activity.”

Additionally, according to the State Department, dual citizens have “special restrictions” imposed on them by Russian authorities who may choose to deny acknowledging their American citizenship, or prevent them from leaving the country.  “The rights to peaceful assembly and freedom of expression are not guaranteed in Russia, and U.S. citizens should avoid all political or social protests.”

The former official said that, in terms of cyber threats, Russian actors are widely believed to be operating either at the behest of, or with “at least tacit approval” from the Russian government.  “They have been involved in numerous cyber attacks, denial of service attacks against companies and nations.  This is to further Russian policy, that’s not particularly new. So could something like that happen [in New Jersey]?  Theoretically, it could.”  The former official added that predicting the potential likelihood of such a scenario was outside their field of expertise.  “If things got really heated, there have been warnings posted about infrastructure being vulnerable to being hacked, which would be everything from the health care fields, infrastructure like power generation, water, treatment plants, and institutions’ data.  We’re going through a sort of epidemic of ransomware attacks against companies where a malicious actor will come in, basically lock down your network, and say, ‘if you want access to all your files, you have to pay.’”

The official said that they had read a report where a group of hackers, known as the Belarus Cyber Partisans, had successfully hacked the Belarussian national railway system on January 25.  The ransomware was a response to Belarussian dictator Alexander Lukashenko allowing Russian forces to travel through the country to position themselves to attack Ukraine.  While this nebulous, relatively new region of political conflict represents new threats, the cyber-battlefields and their potential may also present a defensive aspect.  “I would fully expect there to be a back and forth in terms of cyber attacks,” the former official said, “and that may be one of the things that mitigates against that threat.  If Russia believes that there is a real threat of retaliation, that might be a problem.  I don’t want to speculate on what that could be, but I think I would expect a lot of cyber attacks in Ukraine.  Would I expect them in New Jersey?  That would seem to be a really big escalation.  If the US could attribute those to Russia, you would kind of have to have some sort of retaliation, so, [Russia] may not want to do that.”

The official said that, fundamentally, the gravity by which a cyber attack on a state like New Jersey or anywhere in the US was judged would have to be a political decision.  The official cited the March 4, 2018, attempted assassination of Sergei Skripal (a former Russian officer and double-agent) and his daughter Yulia in Salisbury, England, using a Russian nerve agent.  A total of five people, including a police officer, were hospitalized as a result of the attack and one person died.  The UK accused Russia of the attack, which the Kremlin denied.  “You could argue they deployed a chemical weapon in another country.  That’s an act of war, right?  But, of course, the British government was not going to declare war on Russia over that. They’re going to call it something else, they’ll treat it in another way.  There’s been a question of, at what point is a cyber attack a real act of war?”  The official said that, hypothetically, a cyber attack could damage American infrastructure or financial institutions, leading to actual deaths or serious monetary losses.  The nature of cyber attacks, however, also provides a lot of deniability, rendering it difficult to conclusively point the finger at an enemy.

“The Russian government is famous for traditionally allowing criminal cyber networks to operate freely.  As long as they don’t operate in Russia,” the source said, “Russia usually turns a blind eye because the Russian government can sometimes harness them, give them some plausible deniability, but can still get their dirty work done.”

As far as New Jerseyans themselves are concerned, barring a massive escalation in international tensions, the source felt that large businesses more than residents should be concerned about cyber security.  “I don’t think regular citizens would have to worry about much, but, if you have a business that has interest in Russia or Ukraine, they may have some sort of vulnerability there which they would have to address.”

What the source does expect, however, is for a ramping up in misinformation through social media, trying to undermine citizens’ confidence in the government and governmental institutions.  An uptick in internet trolls and bots, computer programs which operate online accounts a human would but are designed to spout out misinformation, should surprise no one, the source said.  “The strategy will be very much the same, as before.  It will be attempting to exacerbate fissures that are already in our society.  The plan is to make Americans hate Americans, to make us become sort of consumed with fighting each other so that we can’t pay attention to other places around the world.”

On June 28, 2021, the New Jersey Office of Homeland Security and Preparedness had issued a statement which said foreign terrorist organizations “…will attempt to capitalize on the easing of COVID-19 restrictions, exploit domestic unrest and anti-government sentiments, and rely on disinformation and conspiracy theories to garner support and motivate homegrown violent extremists (HVEs) to conduct attacks.”  The former official echoed that statement, saying that much of the reporting on the Canadian trucker protests and unrest had been intensified by Russian sources.  “A lot of it is being amplified by Russian bots and networks and things like that.  We will continue to see that because it’s been very effective.”

But what is the purpose?  For the source, it was simple.  “Spreading chaos—that’s the goal,” the source said.  In 2020, Russia ranked as the 11^th largest economy in the world, behind South Korea and just ahead of Brazil.  The coronavirus has also been ravaging the Russian Federation, although exact numbers of infections are considered unreliable.  These, among others, contribute to domestic problems plaguing the country which can both serve Putin’s power structure, as well as undermine the strength of the country as a whole.  “If you think about it, Russia is a kleptocracy.  Ultimately, for Vladimir Putin, the oligarchs, and the people who are at the top, what do they care as long as people conform and allow the existing structure to exist?  I’m overstating it a bit, but I think they would prefer to have a little chaos in their country if they can create a lot more chaos in the US and Western Europe.  If everybody’s chaotic, Russia thinks it basically shuffles the deck, and that increases the chances that they will end up with more power when the dust settles.”