How Russia’s Invasion of Ukraine Will Affect Your Cybersecurity
In the wake of the Russian-Ukraine conflict, business leaders worldwide have to worry about one thing—the implications of cyberattacks from Russia flaring up.
Recently, the US Department of Justice said that with tensions turning into an all-out war, this might be the best time for most entrepreneurs to think about remaining safe against all latent attacks.
What Types of Attacks Can Businesses Expect?
Scoot Kanry, the CEO of Axio, states that there’s no doubt that US-based companies might see an increase in cyberattacks because of the conflict. If the Colonial Pipeline Attack is anything to go by, then US-based organizations must be prepared for the potential havoc state-sponsored attacks can have on the business universe.
Kanry suggested that organizations should expect attacks such as DDoS (distributed denial-of-service), activation of persistent malware, phishing, and others across the 16 crucial infrastructure systems – a potent concern to organizations like health clinics or schools, which lack the most basic cyber defense systems, making them vulnerable to attacks.
While individual firms might be at an enhanced risk of attack, many organizations might become collateral damage in infrastructural attacks. That should not mean that firms should only plan for infrastructural damages – it is probable that some pivotal firms might have been jeopardized in the past, and now Russia is waiting for the perfect time to use their back door system.
How Your Firm Can Prepare for Increased Cyberattacks
The best way to boost your cybersecurity posture is to create a baseline using an industry-standard structure such as NIST Cybersecurity Framework. When you have a solid baseline, you can use the framework to determine what you need to meet higher security standards.
Firms should also use strong password hygiene policies and sturdy MFAs across every business application. Moreover, make sure your systems are patched and updated regularly. Next, ensure your networks are correctly segmented.
These recommendations align with what Blue Hexagon Founder Saumitra Das said is a mark of state-level cyberattacks – they are brilliant at eluding detection. State cyberattacks mostly create mutated attacks that render threat intelligence unconstructive, use living off land systems to bypass endpoint security, and emphasize disruption rather than data ransoms, which is easier to achieve.
In such cases, firms need to focus on detection. Plus, take note of new indicators of compromise (IOCs). As an organization, investing in robust cybersecurity tools is key to monitoring these threats proactively. Companies should also try to keep up with the latest threat intelligence systems, which often contain the latest IOCs.
As for attacks mutated with the intent of evading threat intelligence, Das suggests using AI-based detection tools to pick up suspicious activities plus typical IOCs quickly. Lastly, be sure to test and test again. It is not enough to plan if you do not actualize it!
About Atlantic, Tomorrow’s Office
Atlantic is an award-winning office technology and IT solutions company providing Imaging Products, IT Support, Document Management, Cybersecurity and Managed Services to small and large companies in the New York City metropolitan area, and the Greater Philadelphia and Delaware Valley.
For the latest industry trends and technology insights visit ATO’s main Blog page.