• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer

My TechDecisions

  • Best of Tech Decisions
  • Topics
    • Video
    • Audio
    • Mobility
    • Unified Communications
    • IT Infrastructure
    • Network Security
    • Physical Security
    • Facility
    • Compliance
  • RFP Resources
  • Resources
  • Podcasts
  • Subscribe
  • Project of the Week
  • About Us
    SEARCH
Compliance, IT Infrastructure, Network Security, News

Cybersecurity Experts: Ukraine, Russia Crisis Could Result in U.S. Cyberattacks

Cybersecurity experts are warning organizations to be extra vigilant against cyberattacks as the Russia-Ukraine crisis unfolds.

February 16, 2022 Zachary Comeau Leave a Comment

Russia Ukraine Cyberattacks

As the world waits to see what unfolds in Ukraine, cybersecurity professionals are urging western governments and organizations to be prepared for serious cyberattacks coming from Russia and its allies.

These warnings come from the U.S. Cybersecurity and Infrastructure Security Agency (CISA) as well as private sector cybersecurity software providers like Mandiant that have raised awareness of the possibility of large-scale cyberattacks from Moscow.

According to news reports, Russia has amassed over 100,000 troops near the Ukrainian border and could be preparing to invade its neighbor. While military action has yet to unfold, Ukraine has already suffered cyberattacks in recent weeks, including a malware campaign masquerading as ransomware and DDoS attacks that temporarily knocked some government and banking websites offline.

As high-level discussions between Russia and the west continue, cybersecurity experts say organizations should expect to see more cyberattacks.

In a blog post, Sandra Joyce, executive vice president and head of global intelligence at Mandiant, says Russia’s history of aggressive cyberattacks warrants concern. She cites Russia’s cyberattacks against Ukraine’s critical infrastructures and other attacks against Europe and the U.S.

If the West responds to an armed conflict with Ukraine, the risk of Russia conducting cyberattacks will increase, Joyce writes. These potential attacks may manifest as supply chain compromises designed to gain access to multiple network simultaneously, similar to the SolarWinds Orion compromise.

“Many of the same steps defenders might take to harden their networks against ransomware crime will serve to prepare them from a determined state actor, if they take them now,” Joyce writes.

Read: The Anatomy of a Russian Cyberattack

Despite those potential threats, Joyce cautions against panic, saying that the real target of cyberattacks is our perceptions.

“The purpose of these cyberattacks is not simply to wipe hard drives or turn out the lights, but to frighten those who cannot help but notice,” Joyce writes. “The audience of these attacks is broad, but it is also empowered to determine how effective they are. While these incidents can be quite serious for many, we must remain mindful of their limitations. We only do the adversary a service by overestimating their reach.”

Meanwhile, cybersecurity giant CrowdStrike says in a blog that while cyberattacks against Russia’s adversaries during this crisis can’t be discounted, they are unlikely due to the potential for global escalation.

“However, the incidental targeting of international businesses operating within Ukraine may be used by Russian-nexus adversaries to dissuade business operations and investment and destabilize the local economy,” the company said.

In addition to Mandiant, CrowdStrike and several other high-profile cybersecurity providers advising customers to harden networks, CISA issued an advisory this week urging U.S. organizations to take steps now to harden its networks. The advisory includes several recommendations for preparing for a cyberattack and responding to one, as well as other CISA resources, including its catalog of known exploited vulnerabilities.

Here are CISA’s recommendations, in its entirety:

Reduce the likelihood of a damaging cyber intrusion

  • Validate that all remote access to the organization’s network and privileged or administrative access requires multi-factor authentication.
  • Ensure that software is up to date, prioritizing updates that address known exploited vulnerabilities identified by CISA.
  • Confirm that the organization’s IT personnel have disabled all ports and protocols that are not essential for business purposes.
  • If the organization is using cloud services, ensure that IT personnel have reviewed and implemented strong controls outlined in CISA’s guidance.
  • Sign up for CISA’s free cyber hygiene services, including vulnerability scanning, to help reduce exposure to threats.

Take steps to quickly detect a potential intrusion

  • Ensure that cybersecurity/IT personnel are focused on identifying and quickly assessing any unexpected or unusual network behavior. Enable logging in order to better investigate issues or events.
  • Confirm that the organization’s entire network is protected by antivirus/antimalware software and that signatures in these tools are updated.
  • If working with Ukrainian organizations, take extra care to monitor, inspect, and isolate traffic from those organizations; closely review access controls for that traffic.

Ensure that the organization is prepared to respond if an intrusion occurs

  • Designate a crisis-response team with main points of contact for a suspected cybersecurity incident and roles/responsibilities within the organization, including technology, communications, legal and business continuity.
  • Assure availability of key personnel; identify means to provide surge support for responding to an incident.
  • Conduct a tabletop exercise to ensure that all participants understand their roles during an incident.

Maximize the organization’s resilience to a destructive cyber incident

  • Test backup procedures to ensure that critical data can be rapidly restored if the organization is impacted by ransomware or a destructive cyberattack; ensure that backups are isolated from network connections.
  • If using industrial control systems or operational technology, conduct a test of manual controls to ensure that critical functions remain operable if the organization’s network is unavailable or untrusted.

If you enjoyed this article and want to receive more valuable industry content like this, click here to sign up for our digital newsletters!

Tagged With: Cybersecurity

Related Content:

  • Cisco Live 2023 Cisco Live 2023: Simplified Management, Enhanced Security, AI
  • Phishing, Email security Email Attacks are Evading Security Protections. Here’s How…
  • MOVEit, ransomware, CVE-2023-34362, Ransomware Groups Confirmed to be Exploiting MOVEit Bug
  • Shure Stem Ecosystem Shure: Democratizing Conferencing Hardware With The Stem Ecosystem

Free downloadable guide you may like:

  • Download TechDecisions' Blueprint Series report on Security Awareness now!Blueprint Series: Why Your Security Awareness Program is Probably Falling Short

    Learn about the evolution of phishing attacks and best practices for security awareness programs to ensure your organization is properly prepared to defend against them in this report from TechDecisions' Blueprint Series.

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Get the FREE Tech Decisions eNewsletter

Sign up Today!

Latest Downloads

Download TechDecisions' Blueprint Series report on Security Awareness now!
Blueprint Series: Why Your Security Awareness Program is Probably Falling Short

Learn about the evolution of phishing attacks and best practices for security awareness programs to ensure your organization is properly prepared t...

Workplace Collaboration Tools for Corporate Spaces
Workplace Collaboration Tools for Corporate Spaces

From lobbies and shared spaces to conference rooms and multipurpose facilities, you need high-performing AV technology to effectively share informa...

ChatGPT, generative AI, enterprise, workplace
Blueprint Series: ChatGPT and Generative AI in the Workplace

This latest release of the TechDecisions Blueprint Series explores the new phenomenon of tools such as ChatGPT and how IT leaders should go about d...

View All Downloads

Would you like your latest project featured on TechDecisions as Project of the Week?

Apply Today!
Sharp Microsoft Collaboration HQ Logo

Learn More About the
Windows Collaboration Display

More from Our Sister Publications

Get the latest news about AV integrators and Security installers from our sister publications:

Commercial IntegratorSecurity Sales

AV-iQ

Footer

TechDecisions

  • Home
  • Welcome to TechDecisions
  • Subscribe to the Newsletter
  • Contact Us
  • Media Solutions & Advertising
  • Comment Guidelines
  • RSS Feeds
  • Twitter
  • Facebook
  • Linkedin

Free Technology Guides

FREE Downloadable resources from TechDecisions provide timely insight into the issues that IT, A/V, and Security end-users, managers, and decision makers are facing in commercial, corporate, education, institutional, and other vertical markets

View all Guides
TD Project of the Week

Get your latest project featured on TechDecisions Project of the Week. Submit your work once and it will be eligible for all upcoming weeks.

Enter Today!
Emerald Logo
ABOUTCAREERSAUTHORIZED SERVICE PROVIDERSTERMS OF USEPRIVACY POLICY

© 2023 Emerald X, LLC. All rights reserved.