Intelligence finds that Russia has initiated cyberwarfare techniques against Ukraine as military engagement escalates. Given the potential for similar attacks on US-based targets, we want to provide an update on what we know so far, and our recommendations to ensure the ongoing fidelity of your cybersecurity services for the protection of your business.
What we know so far: cyberattacks targeting Ukraine
• Malware — New malware dubbed WhisperGate requests ransom payment and destroys files even if the ransom is paid.
• Website Defacement — 70 attempts have been made to deface Ukrainian government websites with 10 being successful.
• Distributed Denial-of-Service (DDoS) attacks — Targets include Ukraine’s armed forces, defense ministry, public radio, and 2 large banks. Several vital services were turned offline, and people were unable to access their bank accounts, use mobile apps, or issue online payments.
• Many suspect a potential attack on the Ukrainian power grid as was executed during the 2015 Russian invasion of Ukraine.
Actions to ensure protection of your business
Ensure that your IT team is in active communication with all your partners to keep them posted on any real-time threat intelligence that may impact your operations. Notify them that you are conducting ongoing audits of your infrastructure and processes to ensure defense against possible exploitation from Russian state-sponsored threat actors (assuming, of course, that you are). Also, be sure to let them know that the protection of their business is your number one priority, and that you will update and advise them as circumstances necessitate.
In the short term, we recommend the following:
• Remind employees of the role they play in keeping your business secure. For example, employees should actively look out for indicators of a potential business email compromise attack:
  • Be skeptical—Last-minute changes in wiring instructions or recipient account information must be verified.
  • Double check that URL—Ensure the URL in the email is associated with the business it claims to be from.
  • Spelling counts—Be alert to hyperlinks with misspellings in the actual domain name.
• Be sure users have updated their systems and applications to the latest release, which typically includes the latest security enhancements.
• Use security software to keep your computer safe. Set the software to automatically update so that it can handle any new security threats.
• Set your phone's software to update automatically to keep it safe. These upgrades may provide you with vital security protection.
• Multi-factor authentication is a good way to keep your accounts safe. Some accounts provide additional security by needing two or more credentials to log in.
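The "double check that URL" and "spelling counts" checks above can also be automated in a mail filter or help-desk script. The following is an added example, not part of the original advisory; the trusted-domain list, the function names and every sample URL are constructed placeholders.

```python
from urllib.parse import urlsplit

# Assumption: domains your business really deals with (constructed values).
TRUSTED = {"examplebank.com", "vendor-payments.example"}

def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance: single-character inserts, deletes, substitutions."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def check_link(url: str, trusted=TRUSTED, max_distance: int = 2) -> str:
    """Classify the host a link really points to: trusted, lookalike or unknown."""
    try:
        host = (urlsplit(url).hostname or "").rstrip(".").lower()
    except ValueError:  # malformed URL, e.g. unbalanced IPv6 brackets
        return "unknown"
    if not host:
        return "unknown"
    # Exact match, or a genuine subdomain of a trusted domain.
    if any(host == d or host.endswith("." + d) for d in trusted):
        return "trusted"
    # Non-ASCII or punycode labels can render as look-alike characters.
    if not host.isascii() or any(l.startswith("xn--") for l in host.split(".")):
        return "lookalike"
    for d in trusted:
        # Trusted name placed in front of someone else's domain.
        if host.startswith(d + "."):
            return "lookalike"
        # Misspelling: compare the same number of trailing labels as d has.
        tail = ".".join(host.split(".")[-(d.count(".") + 1):])
        if edit_distance(tail, d) <= max_distance:
            return "lookalike"
    return "unknown"  # not trusted; treat with the same skepticism

if __name__ == "__main__":
    for u in ("https://www.examplebank.com/login",
              "https://examp1ebank.com/login",
              "http://examplebank.com.account-verify.example/reset"):
        print(check_link(u), u)
```

A small `max_distance` will also flag legitimate domains that happen to be spelled similarly to a trusted one, so results are best used to prompt verification rather than to block outright.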
For more information on optimizing your IT and securing your network, contact RCS Professional Services to speak with an IT professional or visit our website www.rcsprofessional.com.