It is time to rethink your approach to cyber security.
It is most unlikely that the Russians will escalate the current conflict into an all-out cyber war, but it cannot be ruled out.
The types of cyber attack the Russians are known for include:
- DDOS attacks – Denial of service attacks on banks, energy and communication companies' infrastructure and supply chains.
- Wiper attacks – Malware which deletes data.
- Dissemination of false information
- Ransomware.
Types of cyber attacks
Most cyber attacks have been one-off attacks against individual countries, aimed mainly at government and banking systems. It has not been confirmed that all or any of these were organised by Russia, and most were carried out by individuals, but there is a belief that Russia indirectly supported them.
- 2007 – Estonia – spam attacks that took a number of sites down
- 2008 – Georgia – first recorded cyber attacks coinciding with armed conflict
- 2009 – Kyrgyzstan – DDOS took nation offline
- 2014 – Ukraine – cyber weapon called Snake disrupted Ukrainian government systems
- 2014 – Ukraine – DDOS attack against the presidential election
- 2015 – USA – White House computers hacked
- 2016 – Poland – 3-year disinformation campaign
- 2016 – UK – Brexit referendum – government voter registration site attacked
- 2015 – France – malicious software took down networks of a TV station
- 2018 – South Korea – cyber attacks against Winter Olympics
- 2018 – USA – energy, water, government and aviation facilities penetrated to collect information
- 2020 – USA – SolarWinds attack against government agencies
- 2021 – USA – Ransomware took down US fuel pipeline
- 2022 – Ukraine – attacks against government and bank websites
- 2022 – Unknown – HermeticWiper – wiper malware which removes data
What you need to do:
- Reset your mind and the mind of your staff to think about cyber security
- Review your cyber security protection and make sure your firewalls and virus protection are secure
- Look at your business supply chain and identify where any weaknesses may break it
- Review your business continuity plans
- For individuals and small business, two-factor authentication will be important in preventing
Definitions:
DDOS: Distributed denial of service (DDoS) attacks are designed to knock a website offline by flooding it with huge numbers of requests until it crashes.
Wiper: Malware designed to delete data. Example: HermeticWiper.