Adam Meyers is still recovering from COVID and hasn’t slept much this week as he and his team at cybersecurity firm CrowdStrike work around the clock to monitor and defend private sector and government clients against potential new threats from Russia.
Why it matters: U.S. ability to detect, monitor and defend systems against direct attacks or fallout from cyberattacks may be compromised by potential burnout of cybersecurity workers.
The big picture: Cybersecurity experts have already had to deal with years of increased large-scale attacks while facing the same physical, mental and emotional challenges as the rest of the global workforce during the health crisis.
Being in a prolonged period of high alert where people are constantly trying to react and respond to incidents may lead to people being worn down and making mistakes, Meyers, SVP of intelligence, tells Axios.
"If you're a bad guy and you target an organization and cause those defenders to constantly get worn down ... that's a long game strategy that may result in degrading their ability to respond."
What they're saying: "You're literally the only person that's ever expressed any concern about the people that are working on this," Meyers told Axios.
"I have over 70 people that have been burning the candle on both ends for the better part of six weeks now because of this situation."
For smaller organizations, the issue may become even more acute, says Luke McNamara, principal analyst with cybersecurity company Mandiant.
"You may have [only] one individual ... so that's a tremendous load."
State of play: While it's hard for experts to say exactly how and what a direct cyberattack on a U.S. company or agency might look like, the consensus, largely, is that the threat level is low for the moment, but the situation is changing continuously.
"What we're seeing so far is pretty tame," says Josephine Wolff, associate professor of cybersecurity policy at The Fletcher School at Tufts University.
Spreading of disinformation and cyber espionage have been constant, and not just from Russia, McNamara says.
"What we're always looking for is any sort of notable changes in the threat activity," he adds.
Threats to watch: The concern anytime you see espionage is how that activity might be further leveraged for something more destructive.
Specifically, cybersecurity analysts are looking at where sanctions are going — think finance and energy — because that's where there may be signs of retaliatory targeting by Russian "threat actors," according to McNamara.
The bottom line: "There's no shortage of crises that are happening when it comes to cyberthreats," he says.
Just this morning, Meyers reminded his team to "get some sleep, exercise, whatever — to be in fighting shape. And some of them refuse because there's a sense of mission."