Russia’s attack against Ukraine has shocked the world and you may be surprised to learn that this might have a direct impact on your business in the way of cybercrime. Due to the significant increase in cyber-attacks as part of the assault on Ukraine and its allies, we felt it was important to provide some information for you and your staff, to help you protect yourself during this difficult time.
Cyber-attacks are increasingly a common part of modern warfare. As part of the Russian attack on Ukraine, cyber threat actors have deployed destructive malware against organizations in the country to destroy computer systems and render them inoperable. Destructive malware can have a huge impact on an organization’s daily operations, presenting a direct threat to vital systems and impacting the availability of critical assets and data. These attacks are likely to continue and will probably spill over to affect organizations in other countries, unintentionally.
Our Security Operations team is closely monitoring the CISA (Cybersecurity & Infrastructure Security Agency), as well as all public information regarding the threats we are seeing from Russia. As a managed service provider, we work closely with our clients and partners to report any specific items which might have an impact. If you are a client reading this blog, please reach out to your Strategic Advisor with any questions you may have.
There are plenty of things that you can do to protect yourself and your organization. You are a vital part of the cyber security protocols and processes that protect your organization.
Please continue to focus on the fundamentals of cyber security, whether at home or at work. The sense of urgency might have changed, but the methods that cyber attackers use to target us have not. The two key points to focus on are as follows:
Phishing – Phishing attacks and related scams are when bad actors online attempt to trick or manipulate you into doing things that you shouldn’t do or revealing privileged or confidential information. These attacks are often sent as emails, but phishing scams can also use SMS messaging, social media, or even telephone calls! Whenever someone attempts to create a sense of urgency, to rush you into taking action with an artificial time limit or promotes something that is too good to be true, it is most likely an attack. Taking time to double check anything that feels uncertain, and go through best practices, is always a sensible approach.
Passwords – Strong passwords are the key to protecting your online, digital life. Every one of your accounts should be protected by a unique, strong password. The longer your passwords the better. Passphrases – passwords made up of multiple words like “honey-butter-happy” are particularly effective. Can’t remember enough passwords for all your different accounts? Neither can we! Therefore we recommend using a password manager to securely store all of your unique passwords, so you only have to remember one master password. Finally, wherever you have the option, enable multi-factor authentications (MFA) on your important accounts.
The final aspect of this increased threat level online is that there will be a tremendous amount of false and misleading information spread on the internet. Do not trust or rely on information from new, unknown, random, or suspicious-looking social media accounts, or unauthenticated posts on LinkedIn, Facebook, Instagram or Twitter. Many profiles and accounts on these platforms have been created especially for the purpose of proliferating fake information. Instead, rely only on information from well-known, trusted, and fact-checked news sources who verify the authenticity of information before broadcasting or publicizing it. It is also worth checking and verifying the authenticity of any charitable causes or philanthropic organizations related to the war in Ukraine before donating. Scams focused on charitable giving are also rife, so give to well-known, trusted charities rather than newer, smaller, unverified initiatives.
Above all, please continue to focus on the cyber security fundamentals and online health checks. Tried-and-tested methods will go a long way towards protecting yourself and your organization, no matter who the cyber attacker is. Savvy, manipulative threat actors are going to try their best to leverage and capitalize on the anxiety, fear, and heightened emotions that many of us will be dealing with during these uncertain times. Prompt and clear communication is key, and the first step towards navigating these situations safely and securely.