As part of the ongoing Russia-Ukraine conflict, Russian cyberattacks have primarily targeted Ukrainian government and bank systems, but the attacks may spread to countries outside of Ukraine soon. The Cybersecurity and Infrastructure Agency (CISA) and the FBI have warned organizations to increase protection as a precaution in case these attacks begin to affect the United States.
Experts have reported known Russian cyber groups gathering information on U.S. infrastructure like electric and gas sites. While the FBI and CISA have received no warnings of direct threats to any Western countries, it is best to act now to protect your information.
What can you do to protect your business from global conflict?
- Take action. Experts believe that any Russian cyberattacks would be disruptive, rather than intended to steal data, but working with a trusted IT provider now is a smart move. You should assess your cybersecurity situation and be prepared for increased cybersecurity risk.
- Protect against malware. A form of data-wiping malware has recently had a resurgence in Ukraine, and it could be used in potential attacks on the U.S. as well. It may not be utilized by Russian cybercriminals, but any hacker could modify the strain for their own use. Prevent it from ever reaching your business by using strong passwords and using multi-factor authentication.
- Extend security to each endpoint. Most cyberattacks today are targeted for a specific endpoint. If even one endpoint is reached and malware or ransomware is successfully established, be it on an email, mobile phone, or computer, the entire network could be compromised. We recommend using a form of endpoint detection and response (EDR) that provides threat detection, spam filtering, and sandbox attachment scanning for every endpoint in order to protect it from potential threats.
- Keep digital assets safe. Global conflicts increase cybersecurity risk in part because they inspire people to take action, which can create openings for phishing campaigns. Far-ranging cyberattacks will often take down thousands of websites at once by attacking servers, or even take down entire sections of the internet. Firewalls and network security tools monitor internet activity for vulnerabilities like these before they are exploited. Ensuring software is up to date with security patches can also help protect against these attacks.
- Back up data. In the event that your business is affected by a cybersecurity attack, the best form of damage control is having backups of all business data that has been captured or destroyed. We recommend keeping multiple copies of important information and storing it in different cloud-based and physical locations to ensure you never lose your information. You should work with an IT provider to have an incident response plan that will get your business back to functioning normally.