The U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) has recently issued two alerts addressing risks from Russian state-sponsored cyber threats and highlighting recent malicious cyber incidents suffered by public and private entities in Ukraine. CISA has prioritized analysis of vulnerabilities that have been used by Russian cyber threat actors. As a result of this analysis, they added 95 additional vulnerabilities to their known exploited vulnerabilities catalog.
Seemingly every major news event, from COVID-19 and major storms to celebrity happenings and cultural events like March Madness, brings with it some level of cyber threat activity.
The conflict between Ukraine and Russia is different, of course, as cyber weapons are being used by both sides to interfere with each other’s ability to fight. So far, most of the activity seems to be contained in the combat theater. It always has the potential to spill outside of that immediate area as a Russian malware attack on Ukrainian systems did in June 2017. As the conflict escalates and takes on an economic warfare edge, we anticipate an expansion of cyber threats to firms here in the US.
Every organization—large and small—must be prepared to respond to disruptive cyber activity. CISA recommends all organizations—regardless of size—adopt a heightened posture when it comes to cybersecurity and protecting their most critical assets.
If you have a security program, now is the time to:
- communicate with your employees (and families) to educate them about risks
- review continuity plans and incident response plans
- raise vigilance in patching and monitoring logging and altering safeguards
We also recommend a review of critical third parties. The people of Ukraine are known to be tech-savvy and productive. Many US firms have back-off development and support teams in Ukraine or other countries, like Poland, close to the action. Other third parties may be adversely impacted by the conflict as well. Understanding the risks associated with critical third parties in light of the conflict is important. If you don’t have a security program in place, there is nothing like the present to conduct a risk assessment to understand what risks you are exposed to and how to reduce them to a tolerable level.
We can see the physical results of war on our TVs and on our social media platforms, but we cannot as easily see cyber warfare. Oftentimes, victims of a cyber-attack may not even realize they’ve been breached. Effective cyber defense is a long game requiring sustained strategic investment and the first step is understanding your risks and vulnerabilities. To discuss this information in more detail, contact a member of GBQ’s Information Technology Services team today.
Article written by:
Director of Information Technology Services