Login to your account

Username *
Password *
Remember Me

Blog

Ukraine war holds critical cybersecurity lessons for all organizations

Ukraine war holds critical cybersecurity lessons for all organizations

Nine months after Russian forces invaded Ukraine, it’s becoming increasingly clear that the cyber front in this war is every bit as consequential as the military one. And organizations far outside the war zone can’t afford to ignore the cybersecurity lessons being taught on this brutal battlefield.

THREATS THAT GO BACK YEARS

The warnings have been building since long before Russian soldiers and weapons first began massing at the border, and the conclusions are stark. A report from Forrester in March concluded the invasion threatened to permanently alter the cyberthreat landscape; primarily as Russia accelerated its cyberattacks and cyber-espionage efforts to offset military losses and compensate for expanding economic sanctions. Forrester said Russian cyberattacks had been building for years, targeting Ukrainian financial systems and critical infrastructure. Forrester’s analysts said this was a siren call to CISOs of any organization, in any geography, to ramp up their protective efforts by building stronger internal partnerships and prioritizing cybersecurity spending and resources.

As the threat landscape continues to evolve, organizations may find themselves at risk in similarly fast-evolving ways. Forrester’s report suggests organizations that have made public statements in relation to the war may find themselves at greater risk of being targeted by malevolent, state-sponsored Russian cybercriminals.

Similarly, organizations could be more vulnerable to insider threats from employees or contractors who may not agree with the public positions or statements regarding the invasion. For example, a social media post that describes Russia’s action as an invasion or war – which directly contradicts Russia’s narrative – could trigger an employee to act. Incomplete offboarding activities would make it easy for Russian-sympathetic ex-employees or contractors to wreak havoc on internal systems long after their employment has been terminated. 

RISKS EXTEND WELL BEYOND THE WAR ZONE

Russia has been one of the world’s top supporters – alongside China, Iran, and North Korea – of state-sponsored cybercrime, cyber-espionage, and cyber-warfare for decades. Its ill-advised attack on Ukraine has only served to elevate Russia’s role as a global digital pariah. As Vladimir Putin’s political position becomes ever more tenuous thanks to a military operation that by all estimates has fallen far short of the generals’ best laid plans, he and his supporters will increasingly lean on digitally malevolent investments to advance Russia’s political aims. Whatever happens in Ukraine, expect Russian-sourced cyberthreats to continue to multiply.

As the threat landscape becomes less predictable and more volatile, technology leaders can no longer afford to assume this is something that happens to someone else. In fact, the risk is global in nature, with organizations far from the European theater just as likely to be targeted as those closer to the actual front line.

Cyberwarfare knows no physical borders, after all, an organization in the American or Canadian heartland is just as easily targeted by Russian or state-sponsored cybercriminals as one situated within Ukraine’s borders. 

START PREPARING COUNTERMEASURES - NOW

While the threat environment is becoming ever more turbulent, best practices for mitigating the risks are as straightforward as they’ve always been. Consider implementing the following:

1 - Assess your stance on the invasion. Evaluate your messaging strategy across all public-facing platforms to better understand how it could become a potential trigger. If your organization – or anyone associated with your organization – has commented publicly about the invasion, recognize that this could result in elevated cyberthreats against you.

2 - Amplify communication with senior leadership. Brief everyone in the C-suite as well as their direct reports to ensure everyone with budgetary accountability appreciates how the Ukraine war relates to organizational cyberthreats. Reinforce the need to prioritize cybersecurity-specific budgets, training, and resourcing. Now is not the time to ignore the need to strategically invest to counter the rising threats. Maintain regular communications across the organization to explain to all stakeholders how the threat landscape is evolving, how the organization is adapting, and what you need from them.

3 - Update your disaster recovery and/or business continuity plan. Review existing DRPs or BCPs to ensure they reflect this fast-changing reality. Update all relevant documents accordingly to ensure the organization is prepared for any cyberthreats – DDoS attacks, insider attacks, phishing/identity theft, compromised intellectual property, hijacked social media accounts, etc. – that might arise from the current conflict in Ukraine.

4 - Start simulating. Role-play potential attack scenarios to ensure all response teams are properly prepared, and any gaps are identified – and addressed – long before a real-life scenario presents itself.

5 - Get your developers on-board. Although cyber-first development processes were essential long before Russian forces first rolled into Ukraine, they are even more essential now. If cybersecurity isn’t yet an integral part of your organizational development and product roadmaps, now is the perfect time to start building out this capability.

6 - Put vendors and contractors on notice. Your cybersecurity plan is only as strong as its weakest link, so take steps to ensure third-party providers are aligned with the organization’s risk mitigation strategies and tactics. Challenge them to explain how they, too, will update their own internal operations to mitigate their – and your – risk.

7 -  help from your government. Specifically, most governments had already established national cyber security agencies long before the conflict erupted, and they have been releasing best practices and resources to help organizations, agencies, and citizens protect themselves from Russian digital aggression following the invasion. These include the Cybersecurity and Infrastructure Security Agency in the U.S., the Canadian Centre for Cyber Security, the National Cyber Security Centre (UK), the European Union Agency for Cybersecurity (ENISA), the Federal Office for Information Security (also known as BSI) in Germany, the National Cybersecurity Agency (ANSSI) in France, and the Australian Cyber Security Centre.

As winter descends on Ukraine, no one really knows which direction the conflict will take next, or how long the Russian military aggression will continue. What is known is the cyber front in this war will continue to threaten organizations just like yours in all sectors, and in any geography. 

 

Read 663 times Last modified on Tuesday, 29 November 2022 14:18
Rate this item
(1 Vote)
5 Tips for Creating a Great UX  - STEP Software Inc. - Custom Software Development https://t.co/I4cPf4ngRS https://t.co/PmPDcrLJwr


Our exceptional talented developers and supportive team, combined with our highly effective, well-developed methodology has provided custom applications to Fortune 500 corporations and entrepreneurial companies.

 

Latest Posts from Blog

Italian ransomware attack highlights bad patch management

Italian ransomware attack...

A major ransomware attack Sunday kicked the majori...

Here’s why it takes so long to write great code

Here’s why it takes so lo...

“You want how much?” Software developers often hea...

Creative Disruption – why we should embrace change, not fear it

Creative Disruption – why...

I did a lot of reading and reflection over the hol...

Tech layoffs don’t mean that the sky is falling anytime soon

Tech layoffs don’t mean t...

There’s no denying that the headlines are jarring:...

FAA NOTAM outage should scare all of us into (finally) testing our DRPs

FAA NOTAM outage should s...

The U.S. air travel system experienced its worst m...

A new year means a new approach to cybersecurity

A new year means a new ap...

Forgive us, but here at STEP Software, we’re optim...

Custom software or out of the box? The 5 reasons why custom could be the answer for your business

Custom software or out of...

If there is one truth in today’s technology-driven...

Southwest Airlines meltdown: a reminder why software maintenance matters

Southwest Airlines meltdo...

When a massive winter storm roared across much of...

We look at 2022’s top 10 tech stories – and why they matter

We look at 2022’s top 10...

As we wind down 2022 and prepare for some long-ove...

Staff Augmentation Part 3 – Way more than outsourcing

Staff Augmentation Part 3...

Note: This article is the third in our ongoing ser...

5 suggestions for reviewing your software before the new year dawns

5 suggestions for reviewi...

Whatever business you’re in, it’s reasonable to as...

STEP Software celebrates the 2022 holiday season!

STEP Software celebrates...

As we head into the 2022 holiday season, we at STE...