Cyber risks with the current Russia and Ukraine crisis - how these impact your business
WE’VE all seen the awful news and impacts first-hand that the Russian invasion of Ukraine has created. The result is quite simply a humanitarian crisis with global repercussions. We can only hope this ends sooner rather than later, via peaceful means.
It’s also one of the first times we see cyber security as an equally important attack vector compared to soldiers and tanks. Intelligence has found that Russia has initiated cyber warfare techniques against Ukraine as military engagement escalates. Examples include:
• Malware — New malware dubbed WhisperGate requests a ransom payment and destroys files even if the ransom is paid.
• Distributed Denial-of-Service (DDoS) attacks — Targets include Ukraine’s armed forces, defence ministry, public radio, and two large banks. Several vital services were turned offline, and people were unable to access their bank accounts, use mobile apps, or issue online payments.
• Many suspect a potential attack on the Ukrainian power grid, as was executed during the 2015 Russian invasion of Ukraine.
As a further consequence, cyber security experts have said Russian hackers could well target Ireland and the UK, and the imposition of sanctions by London on Moscow has increased those fears. While it’s common practice to think the targets would be massive organisations like banks or retailers, the sad truth is that SMEs are often much more attractive to threat actors. Why?
- SMEs can tend to have a thought of “It’ll never be our company” and therefore do not put the correct resources and precautions in place to prevent attacks. Yet 1 in 5 Irish SMEs will suffer a breach this year.
- Large businesses can have massive teams and dozens of IT Security tools in place, which can make it difficult for threat actors. SMEs who do not, are much easier targets.
- SMEs cannot afford to be shut down by an attack so often pay the ransom. The typical downtime after an attack is 19 days – can you survive that downtime?
- The typical ransom figure for Irish SMEs is €25,000. Can you afford this in the first place? Cyber insurance isn’t always the answer either - they will not pay out unless you have the correct plans, processes, tools and investments in place.
The sad truth is that you cannot be 100 per cent fully protected from cyber threats, no matter what you do. In a similar way to your house, you can have the best cameras, walls, security and guard dog, but there is always a chance someone can bypass these.
However, by doing the simple things correctly, you can make it a lot more difficult for threat actors to successfully attack your network. I’m a big believer in doing the simple things right – build the foundations correctly before building the walls.
Some actions to help ensure the protection of your business:
- Remind employees of the role they play in keeping your business secure. For example, employees should actively lookout for indicators of a potential business email compromise attack.
- Be sceptical – Last-minute changes to bank transfer instructions or recipient account information must be verified.
- Double-check that URL – Ensure the URL in the email is associated with the business it claims to be from.
- Spelling counts – Be alert to misspelt hyper-links in the actual domain name.
- Be sure users have updated their systems and applications to the latest release, which typically include the latest security enhancements.
- Ensure your business has appropriate data backups.
- Ensure your business has a disaster recovery plan in place, allowing you to respond quickly in the event of a cyber attack.
- Carry out a security assessment of your company’s cyber security and IT infrastructure, checking for vulnerabilities and ways to improve your overall posture.
We all hope the current crisis ends as soon as possible, but sadly this could run on for months and years, massively impacting both our personal and working lives.
In the interim, remain extra vigilant and do the simple things right cyber security-wise – do not become a statistic!
Jonathan Adams is a cyber security lead at LoughTec, which specialises in protecting Ireland’s critical infrastructure