War in Ukraine heightens awareness of cyber threats

After imposing sanctions against Russia, U.S. urges American companies to be extra vigilant

ByMegan Ryan
March 2, 20223 min read

As U.S. sanctions rolled out in response to the Russian invasion of Ukraine, national security organizations in the West are cautioning companies to be on the lookout for retaliation through cyberattacks.

The Biden administration promoted its "Shields Up" campaign to protect critical infrastructure across the country. The Cybersecurity & Infrastructure Security Agency (CISA) urges organizations to be "mindful of the potential for Russia's destabilizing actions," and provides tips and recommendations for companies, corporate leaders and individuals.

"Bottom line, businesses and local municipalities should be hyperaware and diligent," suggests Paul Tucker, chief information security officer at BOK Financial®.

"The current environment requires us all to be laser-focused on resilience," according to the CISA campaign site. "This must include a focus on ensuring preparedness and a rapid, coordinated response to mitigate the impact of such disruptions on our national security, economic prosperity, or public health and safety."

Tucker points to common tactics and techniques employed by Russian state-sponsored cyber attackers:

  1. Credential-stealing phishing attacks.
  2. Exploiting internet-facing applications.
  3. Supply chain compromise.

"In addition, while we are focusing on Russia, other countries that have previously garnered significant attention—China, Iran and North Korea—will likely hone in on the opportunity to conduct cyberattacks while attention is focused elsewhere," Tucker said.

Be proactive

The heightened awareness also prompts a reminder for cybersecurity best practices. CISA's checklist for organizations of all sizes provides guidance on being prepared, detection and response if an intrusion occurs.

"The best defense against attacks is preventing them—and it's more important than ever for companies and employees to work to prevent cyber incidents through training and good user behavior," said Tucker.

On average, we might each receive around 120 emails per day, he said.

"In our fast-paced world, it's critical for businesses to prepare themselves and their employees to appropriately safeguard against cyberattacks. So take time to read emails carefully. If something looks off, it probably is. All it takes is one wrong click to bring down your entire company," Tucker added.

But remember that it's more than just monitoring emails. Preventative measures include:

  • Be prepared. Make sure you have an incident response and business continuity plan, and routinely test it, so you are ready in the event of ransomware.
  • Minimize your attack surface. Enforce multi-factor authentication for remote access and update known vulnerabilities (use CISA free tools if needed).
  • Employee awareness. Cybersecurity awareness training plays a crucial role in preventing cyberattacks of any kind. Organizations should test employees with phishing simulations to help keep cyber skills fresh.
  • Evaluate the security of your supply chain. Actors have gained initial access to victim organizations by compromising trusted third-party software.
  • Monitor CISA guidance. The Shields Up site provides guidelines for companies of all sizes plus detailed recommendations for business leaders.

"Being prepared, having a cybersecurity playbook and robust programs, and investing in educating employees about the importance of cybersecurity safety will go far in protecting your business and clients," Tucker said.


Topics
Subscribe

Related Content

    BOK Financial Corporation is a more than $50 billion regional financial services company headquartered in Tulsa, Oklahoma with more than $105 billion in assets under management and administration. The company's stock is publicly traded on NASDAQ under the Global Select market listings (BOKF). BOK Financial Corporation's holdings include BOKF, NA; BOK Financial Securities, Inc., and BOK Financial Private Wealth, Inc. BOKF, NA's holdings include TransFund and Cavanal Hill Investment Management, Inc. BOKF, NA operates banking divisions across eight states as: Bank of Albuquerque; Bank of Oklahoma; Bank of Texas and BOK Financial (in Arizona, Arkansas, Colorado, Kansas and Missouri); as well as having limited purpose offices Nebraska, Wisconsin, Connecticut and Tennessee. The entities held by BOK Financial Corporation are periodically referred to collectively as BOK Financial Corporation Group. Through its subsidiaries, BOK Financial Corporation provides commercial and consumer banking, brokerage trading, investment, trust services, mortgage origination and servicing, and an electronic funds transfer network. For more information, visit www.bokf.com.

    Securities, insurance, and advisory services offered through BOK Financial Securities, Inc., member FINRA/SIPC and an SEC registered investment adviser. Services may be offered under our trade name, BOK Financial Advisors.

    Investments involve risk, including loss of principal. Past performance does not guarantee future results. There is no assurance that the investment process will consistently lead to successful investing. Asset allocation and diversification do not eliminate the risk of experiencing investment losses. Risks applicable to any portfolio are those associated with its underlying securities.

    INVESTMENT AND INSURANCE PRODUCTS ARE: NOT FDIC INSURED | NOT GUARANTEED BY THE BANK OR ITS AFFILIATES | NOT DEPOSITS | NOT INSURED BY ANY FEDERAL GOVERNMENT AGENCY | MAY LOSE VALUE.

    The content in this article is for informational and educational purposes only and does not constitute legal, tax or investment advice. Always consult with a qualified financial professional, accountant or lawyer for legal, tax and investment advice. Neither BOK Financial Corporation nor its affiliates offer legal advice.

    BOK Financial® is a trademark of BOKF, NA. Member FDIC. Equal Housing Lender . © 2025 BOKF, NA.