Russia has always been a driver behind cyberattacks in our nation and state, targeting our infrastructure (Colonial Pipeline), our businesses and government (SolarWinds and others), and our way of life (elections). This will most likely escalate as the war begins with Ukraine.
It’s a standard operating procedure for Russia to launch a cyberattack before an incursion, but (depending on the U.S. response) they will most likely come after us next. Assuming our nation responds with economic sanctions and similar things, business email compromise (BEC) attacks and others will follow, targeting everyone.
In response to this predicted cyber onslaught, the Department of Homeland Security and the Cybersecurity and Infrastructure Security Agency (CISA) recommend a Shields Up approach for everyone and their technology.
What is Shields Up? It means a heightened cyber defensive posture (i.e., better stuff) when protecting data and technical assets. Hopefully, you have all read the warning signs over the years, but if not, now is the time to ramp up protection.
First up, when you log into your bank, you’re prompted to enter a code sent to your phone; you should have a similar setup to log into your laptop or PC. This is two-factor authentication and if you do not have it, get it now.
Next, make sure your IT professionals update your network and hardware for known exploits and vulnerabilities. Please also have robust passwords that are changed regularly; everyone from CISA to me recommends this. You are putting out the welcome mat for Russians and all hackers if you do not. Also, have advanced threat protection tools; Dark Cubed is an excellent one we deployed recently. In conjunction with an enterprise-level firewall configured with geo IP filtering (which blocks non-U.S. IP addresses), you can stop many out-of-the-U.S. attacks at the gate.
In the worst case, where you become a victim, have a crisis response team, including all IT partners, management, legal, PR, etc., ready to respond. To help keep this response short and sweet, make sure to have a redundant backup of everything: files, systems, email, cloud services (yes, there are backups for OneDrive, SharePoint and Microsoft 365 email products).
By the numbers, Russian-backed hackers take an estimated 70% of ransomware money. This is just hacking for money, not hacking in war.
So, on a typical day, the Russians are very good at this; imagine when their entire military and government are involved, and not just some old former KGB (now SVR) are the culprits.
Want some examples?
Here’s one: Just recently, Russians targeted Ministries of Foreign Affairs with a fake email from the Iranian Embassy. What a great cover; who would think to impersonate Iran (of all people)?
Banks in Ukraine were hit by a massive cyberattack last week; pretty much the nail in the coffin that peace was not happening. These are just the tip of the iceberg.
Do you know what keeps me up at night? China and Russia are on the same page (somewhat); their leaders met just this past December to reject Western influences and to bond from a security perspective. They specifically re-inked their “friendship and cooperation treaty.” That’s bad news for you and me and everyone who enjoys freedom on Earth.
The world needs heroes and brave action to get us through the next few months; my prayers are with those Ukrainian civilians whose lives are being turned upside down.
My advice to you regarding cybersecurity — SHIELDS UP. The Russians are coming.
Blake Dowling is CEO of Aegis Business Technologies and spends most of his time worrying about cyberattacks or watching Gator sports. Be safe out there and read his book Professionally Distanced if you are bored.