Teal has closely monitored the rapidly evolving crisis surrounding the Russian invasion of Ukraine. On Thursday, February 24, 2022 (GMT), Russian forces launched a full-scale military assault on Ukraine. Initially, the conflict appeared to be limited to kinetic warfare.
However, it quickly became evident that cyber operations would also play a significant role. As tensions escalate, the likelihood of advanced and disruptive cyberattacks continues to rise – posing potential risks to organizations far beyond the immediate conflict zone.
Table of Contents
Cyber Activity
The following publicly disclosed events are being investigated as part of Russian state-sponsored cyber operation activity:
- January 13, 2022 – “WhisperGate” wiper activity targets Ukrainian organizations, including Ukrainian government agencies
- February 23, 2022 – Distributed denial-of-service (DDoS) attack on Ukrainian organizations, including government agencies.
- February 25, 2022 – Conti ransomware actors threaten “retaliatory measures” targeting critical infrastructure in response to “a cyberattack or any war activities against Russia.”
Protecting Your Organization After the Russian Invasion of Ukraine
The “Hacktivist” group “Anonymous” also announced a campaign against Russian assets. These types of campaigns are unlikely to cease, and the number of other groups supporting the state actors on each side is likely to increase.
These escalations of non-state actor groups may cause misattribution and additional hostile cyber operations against the United States and its allies.
Organizations should be prepared for any or all of the following:
- Attacks on your organization’s corporate networks.
- Attacks on the networks of critical partners or suppliers that impact your business and your customers.
- Attacks on the critical infrastructure sectors that have cascading impacts on your company and the geographic locations in which you, your customers, and your employees live and work.
- Attacks on individuals that are part of your company or interact with your company around the world.
Cyberattacks triggered by geopolitical unrest can severely disrupt operations. And for some businesses, the consequences may be permanent.
A successful breach can halt productivity, damage infrastructure, erode customer trust, and in worst-case scenarios, lead to complete business failure.
While only a comprehensive cybersecurity strategy can fully address these risks, the baseline best practices outlined below are essential for every organization, no matter the size, industry, or stage of growth.
Best Practices
- 1. Enable multi-factor authentication for all accounts.
- 2. Ensure all systems have an antivirus installed and appropriately configured. Ideally, an EDR or XDR solution should also be implemented.
- 3. Ensure all critical information and systems are backed up, appropriately secured, and verify that they can be successfully recovered in case of an incident.
- 4. Follow a backup strategy appropriate for your business and backups all critical systems and data.
- 5. Create a Business Continuity and Disaster Recovery Plan (BCDR).
- 6. Ensure employees are appropriately trained and receive periodic security awareness training.
Learn how to implement an engaging and successful cybersecurity awareness training program.
- 7. Engage a partner to monitor security alerts and tools in your environment. If you do not engage a partner, ensure resources are dedicated to monitoring your environment on days, nights, and weekends.
Although the information presented here may be troubling, organizations must review their current cybersecurity programs, start a program if they do not have one, and consider how to respond to unexpected business interruptions.
Implementing these recommendations can be daunting for most organizations, especially SMBs with limited or non-existent IT capabilities.
Fortunately, you don’t have to implement them alone. We are here to help you secure your business. Call (833) 367-8325 or fill out our contact form today to book a consultation.
Additional Resources
- Shields Up!: CISA’s campaign helps increase organizational vigilance and keep stakeholders informed about cybersecurity threats by providing recommendations, products, and resources to mitigate the impact of cyber attacks.
- How to Protect Your Networks from Ransomware: A collaborative guidance document created by multiple U.S. government agencies.
- Project Spectrum: Resources small/medium-sized businesses and federal manufacturing supply chains can use to improve their cybersecurity readiness, resiliency, and compliance.
- NSA Guidance and Advisories: Includes cybersecurity advisories, info sheets, tech reports, and operational risk notices.
