What the Russian Invasion of Ukraine Could Mean for the Cybersecurity Landscape
March 1, 2022 • Jacob Nix
Following Russia’s invasion of Ukraine on February 24th, the Cybersecurity and Infrastructure Security Agency (CISA) issued a stark warning that Russian cyberattacks on Ukrainian infrastructure may eventually spill into our own.
While, at present, there is no credible threat from Russia against the United States, that’s not to say that won’t change. After all, Russia has a long history of launching large-scale cyberattacks against the United States, and with strict worldwide sanctions against the Russian regime pending, cybersecurity experts warn that a response from the Kremlin would be swift and immediate. As a recent report from the Harvard Business Review observes,
“Conflict in Ukraine presents perhaps the most acute cyber risk U.S. and western corporations have ever faced. Invasion by Russia would lead to the most comprehensive and dramatic sanctions ever imposed on Russia, which views such measures as economic warfare. Russia will not stand by, but will instead respond asymmetrically using its considerable cyber capability.”
As part of its warning, CISA formally recommends that “all organizations – regardless of size – adopt a heightened posture when it comes to cybersecurity and protecting their most critical assets” with the following key measures.
Be proactive, not reactive
Reducing the opportunity for a cyber breach is key. Ensure that all remote access to your organization’s network requires multi-factor authentication, that all essential third-party software and infrastructure are patched and up to date, and that non-essential ports, protocols, and services have been disabled. It’s also important to test existing controls for vulnerabilities and to confirm that key data and functionality can indeed be restored following an attack.
Have a mature and exercised incident response plan with a well-defined escalation path
Time is of the essence with any security incident. In the event an intrusion is detected, all cybersecurity and IT personnel should be focused on addressing unusual behavior or errors as quickly as possible and on updating all antivirus and antimalware software. Have a crisis-response team in place with a figurative phone tree, including a list of responsibilities spanning technology, communications, and legal teams. If your organization has Ukrainian employees or works with Ukrainian vendors, this is especially important.
The current circumstances are unlike any we’ve seen in recent history, and it’s an incredibly tumultuous time for our world, let alone our industry.
Our team is ready and able to help in any way we can. We’re only one email away.