As U.S. sanctions rolled out in response to the Russian invasion of Ukraine, national security organizations in the West are cautioning companies to be on the lookout for retaliation through cyberattacks.
The Biden administration promoted its "Shields Up" campaign to protect critical infrastructure across the country. The Cybersecurity & Infrastructure Security Agency (CISA) urges organizations to be "mindful of the potential for Russia's destabilizing actions," and provides tips and recommendations for companies, corporate leaders and individuals.
"Bottom line, businesses and local municipalities should be hyperaware and diligent," suggests Paul Tucker, chief information security officer at BOK Financial®.
"The current environment requires us all to be laser-focused on resilience," according to the CISA campaign site. "This must include a focus on ensuring preparedness and a rapid, coordinated response to mitigate the impact of such disruptions on our national security, economic prosperity, or public health and safety."
Tucker points to common tactics and techniques employed by Russian state-sponsored cyber attackers:
- Credential-stealing phishing attacks.
- Exploiting internet-facing applications.
- Supply chain compromise.
"In addition, while we are focusing on Russia, other countries that have previously garnered significant attention—China, Iran and North Korea—will likely hone in on the opportunity to conduct cyberattacks while attention is focused elsewhere," Tucker said.
The heightened awareness also prompts a reminder for cybersecurity best practices. CISA's checklist for organizations of all sizes provides guidance on being prepared, detection and response if an intrusion occurs.
"The best defense against attacks is preventing them—and it's more important than ever for companies and employees to work to prevent cyber incidents through training and good user behavior," said Tucker.
On average, we might each receive around 120 emails per day, he said.
"In our fast-paced world, it's critical for businesses to prepare themselves and their employees to appropriately safeguard against cyberattacks. So take time to read emails carefully. If something looks off, it probably is. All it takes is one wrong click to bring down your entire company," Tucker added.
But remember that it's more than just monitoring emails. Preventative measures include:
- Be prepared. Make sure you have an incident response and business continuity plan, and routinely test it, so you are ready in the event of ransomware.
- Minimize your attack surface. Enforce multi-factor authentication for remote access and update known vulnerabilities (use CISA free tools if needed).
- Employee awareness. Cybersecurity awareness training plays a crucial role in preventing cyberattacks of any kind. Organizations should test employees with phishing simulations to help keep cyber skills fresh.
- Evaluate the security of your supply chain. Actors have gained initial access to victim organizations by compromising trusted third-party software.
- Monitor CISA guidance. The Shields Up site provides guidelines for companies of all sizes plus detailed recommendations for business leaders.
"Being prepared, having a cybersecurity playbook and robust programs, and investing in educating employees about the importance of cybersecurity safety will go far in protecting your business and clients," Tucker said.