Ukraine-Russia Conflict Demands Heightened Cybersecurity Vigilance
3.3.22 | Client Alert
The Ukraine-Russia conflict has raised the very real possibility of reprisal cyberattacks by Russian government-sponsored threat groups and threat actors with a pro-Russia agenda. There have been many reports of denial-of-service and wider cyberattacks impacting Ukrainian government entities and financial institutions. In response to stringent Western government sanctions against Russia, there is also the potential for an increase in phishing emails and ransomware that will be more dangerous and disruptive than ones previously encountered.
In this volatile and dangerous environment, the need for vigilance in your cybersecurity posture has never been more urgent. Here are some key reminders to protect your organization and yourself.
Reduce the likelihood of a damaging cyber intrusion
- Require multi-factor authentication (MFA) for all remote access
- Apply all software updates, especially ones that address known exploited vulnerabilities
- Confirm that your IT personnel have disabled all ports and protocols that are not essential
- Implement strong controls for cloud services
Take steps to detect a potential intrusion quickly
- Identify and assess unexpected and unusual network behavior
- Confirm that the organization’s network is protected by antivirus/antimalware software
- If working with Ukrainian or Ukraine-friendly organizations, take extra care to monitor, inspect, and isolate network traffic
Ensure that the organization is prepared to respond if an intrusion occurs
- Designate a crisis response team with main points of contact for suspected incidents and roles/responsibilities
- Ensure the availability of key personnel; identify means to provide surge support for responding to an incident
- Conduct tabletop exercises to ensure that all participants understand their roles during an incident
Maximize the organization’s resilience to a destructive cyber incident
- Test backup procedures to ensure that critical data can be restored rapidly if the organization is impacted
- Conduct a test of manual controls to ensure that critical functions remain operable
Steps you should take as an employee and in your personal life
- Be vigilant and approach your online interactions with a healthy dose of skepticism
- Watch for emails soliciting donations for Ukrainian relief
- Verify the URL of any link before you click on it by hovering your cursor over the link and examining the URL. If you don’t recognize it, don’t click on it
- Delete any suspicious emails and contact your IT Service Desk
- Don’t enter your credentials (especially your company UserID) to access any website if you are not 1000% sure of its validity
- Remember, not all client or vendor websites are safe, so don’t operate with blind trust
For more insights on enhancing your cybersecurity and infrastructure protection, visit Shields-Up Guidance from the US Government (https://www.cisa.gov/shields-up).
If you have any questions, please contact Clifford Forrester, Chief Information Officer and Leader of Berdon’s Technology Services (BTS) Practice, at 212.699.6710 | cforrester@berdon.com. BTS provides information technology solutions, including cybersecurity advisory, to businesses across multiple industries.