The world is watching the terrible conflict currently happening in Ukraine. Russia has attacked the nation in more ways than one, including leveraging cyberattacks as part of the escalating discord.
SolCyber, and the information security sector as a whole, is on high alert, and we recommend that organizations understand what the elevated risk is and what they can expect from the conflict.
CISA, the U.S. Cybersecurity & Infrastructure Security Agency, has issued a “Shields Up” warning to all businesses as a result of this crisis. Their warning recommends that “Every organization—large and small—must be prepared to respond to disruptive cyber activity,” which could be a direct or indirect result of Russia’s aggression.
Here’s what we know and recommend.
Increased hacker activity has been observed
The crisis has resulted in an increase in hacker activity, though it mainly involves businesses caught in the crossfire between Russia and Ukraine.
The activity will continue to grow as more nations and political groups get involved. While many countries have taken action via sanctions, some groups have taken a stance on the cyber front. Most notably, the infamous hacking group Anonymous has sided with Ukraine, while Conti is rooting for team Russia. As the war continues to escalate, we may see the breadth of participants expand and activity increase significantly.
Peripheral attacks will seek to take advantage of misinformation and the crisis as a whole
Hackers love to take advantage of world events, and this war is no exception. Criminal organizations have already targeted the wallets of charitable people.
Make sure that you’re wary of any communication, whether via text, email, or social media, that refers to the crisis and asks you to donate, click on a link, or download an attachment. There are opportunists everywhere and we’ve already seen evidence of misinformation and hacking campaigns across social media.
Organizations should stay on high alert and bolster their defenses.
To stay protected, your organization should:
- Pay attention to the proper communication channels for any new alerts around potential attacks and risks. Things are expected to change on a daily basis — even if you think there’s no risk posed to you, that may change in the coming weeks depending on how strategies and targets shift.
- Make sure your organization is protected against all forms of ransomware. Russian attackers and hacker groups are notorious for advanced ransomware attacks.
- Ensure you’re updating all your software and systems to reduce your overall exposure via any known vulnerabilities. More targeted attacks and APTs often take advantage of vulnerabilities within an organization’s set of technology tools or vendors.
- Work with your key security partners and vendors who may be able to specify the risk (or lack thereof) posed to your organization. If you’re working with an MSSP, like SolCyber, they’ll be able to properly equip you with the information and best steps to take.
At SolCyber, we’re keeping up with the most pressing threat intel, keeping an eye on important trends, and ensuring our tools are as up to date as possible in order to fully protect our customers.
If you want to learn more about the potential risk posed to your organization or need advice on how to bolster your cyber security resilience, please contact us.