Beware! Potential Russian Cyberwarfare

Intelligence finds that Russia has initiated cyberwarfare techniques against Ukraine as military engagement escalates. Given the potential for similar attacks on US-based targets, we want to provide an update on what we know so far, and our recommendations to ensure the ongoing fidelity of your cybersecurity services for the protection of your business.

 

What we know so far: cyberattacks targeting Ukraine

Malware — New malware dubbed WhisperGate requests ransom payment and destroys files even if the ransom is paid.

Website Defacement — 70 attempts have been made to deface Ukrainian government websites with 10 being successful.

Distributed Denial-of-Service (DDoS) attacks — Targets include Ukraine’s armed forces, defense ministry, public radio, and 2 large banks. Several vital services were turned offline, and people were unable to access their bank accounts, use mobile apps, or issue online payments.

Many suspect a potential attack on the Ukrainian power grid as was executed during the 2015 Russian invasion of Ukraine.

 

Actions to ensure protection of your business

Ensure that your IT team are in active communication with all your partners to keep them posted on any real-time threat intelligence that may impact your operations. Notify them that you are conducting ongoing audits of your infrastructure and processes to ensure defense against possible exploitation from Russian state-sponsored threat actors --- assuming that you are of course. Also, be sure to let them know that the protection of their business is your number one priority, and that you will update and advise them as circumstances necessitate.

 

In the short term, we recommend the following:

• Remind employees of the role they play in keeping your business secure. For example, employees should actively look out for indicators of a potential business email compromise attack.

• Be skeptical—Last-minute changes in wiring instructions or recipient account information must be verified.

Double check that URL—Ensure the URL in the email is associated with the business it claims to be from.

Spelling counts—Be alert to misspelled hyperlinks in the actual domain name.

• Be sure users have updated their systems and applications to the latest release which typically includes latest security enhancements.

• Use security software to keep your computer safe. Set the software to automatically update so that it can handle any new security threats.

• Set your phone's software to update automatically to keep it safe. These upgrades may provide you with vital security protection.

• Multi-factor authentication is a good way to keep your accounts safe. Some accounts provide additional security by needing two or more credentials to log in.

 

 

For more information on optimizing your IT and securing your network, contact RCS Professional Services to speak with an IT professional or visit our website www.rcsprofessional.com.

Popular posts from this blog

Voice Cloning – A Growing Cybersecurity Threat

Challenges emerge in the ever-evolving landscape of cybersecurity, just when one believes they have a firm grasp on managing diverse digital risks. We would like to shed light on a rising concern known as voice cloning. This advanced technique employs artificial intelligence (AI) to replicate an individual's voice and manipulate it to articulate any desired message. However, as we delve deeper into this technology, it becomes apparent that its implications carry significant risks. The dangers associated with voice cloning are increasingly being acknowledged, prompting a need for heightened awareness and vigilance.