Conflict in Ukraine Shows Cyberattack Potential in the Battlefield

Conflict in Ukraine Shows Cyberattack Potential in the Battlefield

While far from the front lines, US companies clearly have an increased cyber risk from the Russian instigated conflict against Ukraine.  After Russian military hackers carried out intensive cyberattacks against several of Ukraine’s banks and government websites, Britain’s National Cyber Security Centre (NCSC) warned of potential cyberattacks with “international consequences.” The same wiper malware hit Ukrainian financial institutions and government contractors in Latvia and Lithuania. ESET Research Labs observed that the malware successfully deleted data from hundreds of infected machines.

Last week, a massive, distributed denial of service (DDoS) attack also knocked the websites for Ukraine’s defense and foreign ministries, the Council of Ministers, and PrivatBank (the country’s largest commercial bank) offline.  Since Ukraine first became a testing ground for the Russian military hackers’ cyberattacks years ago, the impact has been far-reaching, even for businesses that were not  directly targeted by these cyberattacks. With the current conflict creating economic turmoil, the entire world may soon experience a spike in ransomware extortions by threat actors in regions starved for funds.

The Cybersecurity and Infrastructure Security Agency (CISA) said that “While there are not currently any specific credible threats to the U.S. homeland, we are mindful of the potential for the Russian government to consider escalating its destabilizing actions in ways that may impact others outside of Ukraine.”  Based on this situation, CISA issued a Shields Up Guidance that recommends “all organizations—regardless of size—adopt a heightened posture regarding cybersecurity and protecting their most critical assets.”

Companies should adopt a comprehensive cybersecurity program to protect their computing environment and critical data against the current and projected cyberattacks. This program can include and is not limited to regular backups, Endpoint Detection & Response with 24/7 human threat hunting, password management best practices, and multi-factor authentication.

Kivu can help! Please reach out to mss@kivuconsulting.com for further information.

Sources:

• https://www.reuters.com/technology/britain-warns-cyberattacks-russia-ukraine-crisis-escalates-2022-02-22/
• https://www.telegraph.co.uk/world-news/2022/02/19/britain-warns-russian-cyber-attacks-companies-urged-take-defensive/
• https://www.cisa.gov/shields-up
• https://www.cnn.com/2022/02/24/tech/russia-ukraine-us-sanctions-cyberattacks/index.html