U.S. cybersecurity officials are urging all American agencies and companies to be on the lookout for increases in Russian cyberattacks amid the growing hostilities in the war on Ukraine. From SolarWinds Orion to the Colonial Pipeline attacks, state-sanctioned cybercriminals continue to increase the sophistication of their Tactics, Techniques, and Procedures (TTPs) and engage in cyberwarfare.
As a result of the Russian war in Ukraine, the Department of Homeland Security’s Cybersecurity & Infrastructure Security Agency (CISA) has updated its “Shields Up” guidance for organizations. “Russia’s unprovoked attack on Ukraine, which has been accompanied by cyber-attacks on Ukrainian government and critical infrastructure organizations, may have consequences for our own nation’s critical infrastructure, a potential we’ve been warning about for months,” states the CISA guidance.
While there are no specific threats to United States critical infrastructure or financial interests, there is increased potential for aggressive and destabilizing actions originating from or supported by Russia to affect organizations beyond Eastern Europe. That potential is heightened by the impactful sanctions on Russian interests worldwide imposed by the United States and our allies. “Every organization—large and small—must be prepared to respond to disruptive cyber activity,” added CISA.
Update, Detect, and Educate
LexisNexis® Risk Solutions believes there are three basic steps that can be taken to prepare for and address potential attacks from Russian cybercriminals and their affiliates:
Update. It is critically important to consistently update and patch your connected systems to control access. Access control is key. Old and outdated software is more vulnerable to cybercriminals, and updates protect you from known exploitable vulnerabilities that offer a way into your network. If a hacker can get into your system, they can move deeper and even laterally, potentially causing major, costly damage.
Detect. In addition to regular updates, one best practice to protect access is monitoring. This helps an organization better understand if and how access controls are working. Whether it is through reactive analysis or proactive monitoring, employing sound, automated monitoring is crucial for system security. You may also consider building a Zero Trust network, in which all implied trust is tightly controlled for both internal and external users.
Educate. Good cybersecurity begins and ends with good education. In all facets of security, the human factor cannot be overstated. In fact, IBM has found that the average cost of a single data breach caused by human error is $3.33 million. In cybersecurity, as in other concerns, an educated workforce is an empowered workforce. Even the most robust system can be breached through one mistake or even a malicious insider attack (see Zero Trust). Phishing and Business Email Compromise (BEC) are just two vectors that have been effective in causing billions in financial impacts. Building a robust cyber-access policy is not just about implementing the best methods and tools; it’s about making sure each member of your workforce understands them, is compliant with them, and is vigilant to the potential for breaches.
Loose Clicks Sink Systems
Created by the War Advertising Council in World War II, the slogan “Loose Lips Might Sink Ships” was incredibly effective in helping Americans understand the potential danger of their personal behavior.
The same type of personal responsibility and vigilance can be effective in the prevention of cyber threats as well. In our increasingly connected world, companies and workers must come to understand that “loose clicks sink systems” and we all play a critical role in the battle against malicious cyber actors.
By implementing the above three principles (Update, Detect, and Educate), organizations large and small can be better equipped to deal with current, emerging, and future cyber vulnerabilities.
This is the second of our Fraud of the Day “Vulnerability Alerts,” bringing new trends in government fraud to our subscribers.