The ongoing Russia-Ukraine conflict is mired in disinformation, propaganda, and cyber aggression like never before. Apart from the boots on the ground in Ukraine, the digital assault has been in progress for months. On both sides, hackers are at work to disrupt critical infrastructure and government entities.
According to experts, three main types of cyberwar tactics have been used (so far) in the Russia-Ukraine conflict – wipers, distributed denial of service (DDoS) attacks, and defacement/fake news.
The ‘hybrid warfare’ has cybersecurity leaders on high alert for potential ‘spillover effects’ of the war. Cybersecurity measures have been tightened across nations based on various threat intelligence reports. As the conflict unfolds, governments around the world are urging organizations to be vigilant amid increasing cybersecurity threats:
- CISA launched its #ShieldsUp campaign and provides a guide to protect against potential cyber intrusion.
- Cyber Security Agency of Singapore (CSA) urged organizations to ‘bolster their cyberdefence’ to prevent web defacement, distributed denial of service (DDoS), and ransomware.
- Australian Cyber Security Centre (ACSC) is on high alert, encouraging organizations to ‘urgently adopt an enhanced cyber security posture’.
- UK data watchdog urges vigilance amid heightened cyber threat – British companies have been urged to bolster their digital security over concerns of possible Russian cyber-attacks linked to the growing political crisis in Ukraine.
- Following the Japanese government’s announcement to impose economic sanctions on Russia, companies are on high alert for potential cyberattacks.
- While the Indian government hasn’t issued an official advisory, intelligence officials warn of a rise in cyberattacks in India.
What security checks can organizations implement?
In this heightened cybersecurity scenario, vigilance is key to securing your organization. Apart from the advisories issued by CISA, CSA, and other cybersecurity agencies, secure yourself by paying close attention to your organization’s security measures:
- Assess your risk and attack surface areas
- Define new security rules such as geolocation blocking
- Run regular vulnerability assessment scans and look at known exploited vulnerabilities
- Run phishing tests within the organization to reduce human error
- Block all free VPN and TOR services
- Follow top cybersecurity intelligence sources
- Implement endpoint detection and response (EDR) solutions
- Fortify the human firewall (cybersecurity awareness and training)
The devastating NotPetya attack against Ukrainian infrastructure only five years ago is a chilling reminder that today’s cyber-threat landscape is rapidly evolving. Anonymous hacktivists, ransomware groups, and underground hacking groups are crowd-sourcing attacks along with state-sponsored hackers. Collectively, these threat actors can wreak havoc on the critical infrastructure of any country. For instance, Conti, a Russia-based ransomware group, is crowd-sourcing attacks and also warning other states to stay away from the conflict. According to the US Cybersecurity and Infrastructure Security Agency (CISA), “Conti actors are known to exploit legitimate remote monitoring and management software and remote desktop software as backdoors to maintain persistence on victim networks.”
Cybersecurity experts have long warned that nations could engage in cyber-attacks against one another in order to gain an advantage in a conflict. The ongoing war is ‘stress-testing’ security systems, shedding light on the important aspects of national security policy, exposing weaknesses in critical infrastructure and raising concerns about whether cyber-attacks could escalate into broader conflicts. That makes it increasingly necessary to secure networks and systems, especially around identity and access control, network monitoring, and supply chain security.
The Russian cyberattack on Ukraine is the most brazen and destructive act of cyberwar. It is also a sign of things to come. As digital technologies continue to proliferate and interconnect, states and other actors will become increasingly willing to launch cyberattacks that can cripple economies, governments, and social order. The world is entering a new era of cyber insecurity. In times of crisis, the private sector must take the lead in developing offensive cyber capabilities. Countries need proactive enterprises to serve as the front line of defense against malicious cyberactivity. As the Russia-Ukraine crisis has escalated, one question has become critical to understanding the conflict’s scope and implications: how does it affect the future of cybersecurity?