Since March 2022, the invasion of the Ukraine has not only escalated on a physical level, but also in regard to cyber threats. While the majority of cyberattacks have occurred within the Ukrainian government and banking institutions, everyone has become fair game. From phishing campaigns disguising as Ukrainian relief programs to fake requests for cryptocurrency donations from Ukrainian government officials, hackers are developing new techniques to target individuals and organisations on a global scale.
In this blog, we have broken down some of the ways the Ukraine conflict has changed cybersecurity and how to navigate these new potential threats.
Attacks are no longer exclusive to physical force
When we think of war we often think of gunfire and battlefields. However, the landscape of warfare has taken a turn in the last several years. After the devastation from the NotPetya attack in 2017, the world finally got a glimpse of how cyberattacks can have severe repercussions on a global scale. Since February 2022, there has been an increase in malware and ransomware attacks by state-actors against Ukraine and its allies.
In April 2022, Microsoft published an insightful report that highlighted how cyberattacks have been targeting critical infrastructures, telecom providers, energy grids and government networks. “Russia’s use of cyberattacks appears to be strongly correlated and sometimes directly timed with its kinetic military operations targeting services and institutions crucial for civilians,” the report states. “Actors engaging in these attacks are using a variety of techniques to gain initial access to their targets including phishing, use of unpatched vulnerabilities and compromising upstream IT service providers. These actors often modify their malware with each deployment to evade detection.”
These cyber forces are proving that not all danger comes from stepping onto the front line. These attacks threaten the economy, power sources and supply chains, and can have lasting effects worldwide.
Hackers have developed a global IT army
It is no secret that Ukraine is a very tech-savvy nation. It’s estimated that over 100 of the recent Fortune 500 companies utilize Ukrainian IT services on various levels. This degree of expertise is playing a huge role in the country’s resilience and is even driving volunteers from around the world—including the hacking group Anonymous. Allied nations, such as China, are offering remote assistance and are allegedly joining the mix of hackers worldwide coming to the aid of Ukraine.
Back in March 2022, the Washington Post released an article that noted, “An IT army of volunteers from inside and outside Ukraine has been targeting Russia with a mix of offensive hacks and information operations aimed at cracking through Russian censorship with news about the bloody conflict.”
While many nations around the world have offensive hacking capabilities, their involvement in certain activities in kept very secret and secure. However, there is now doubt the IT Army will take on defensive tasks for Ukraine.
New techniques to prevent and mitigate attacks
With all the new types of cyber threats out there, there have to be countermeasures available to prevent damage while keeping your organisation compliant. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) recommends that companies of all sizes adopt a heightened cybersecurity posture.
Here are some the top tips to help enhance your cybersecurity based on insight from CISA:
- Reduce exposure through multi-factor authentication, vulnerability scanning and strong cyber hygiene and controls.
- Stay current on antivirus/anti-malware software, signatures, patches and updates, particularly those that address known exploited vulnerabilities.
- Isolate sensitive records, documentation and data among corporate entities and subsidiaries using entity management solutions.
- Safeguard board and executive communications using secure portals and messaging apps.
- Sharpen visibility using risk intelligence data and monitoring tools, including solutions equipped with AI for real-time monitoring.
- Monitor, inspect and isolate traffic from organizations with ties to Ukraine and closely review access controls for that traffic.
- Train cybersecurity and IT personnel to quickly assess and respond to any unexpected or unusual network behavior.
To learn more, check out CISA’s website for the latest cybersecurity approaches.
While the cyberattacks deriving from the war in Ukraine may diminish over time, it is unlikely that things will return to what they were before—especially as new methods continue to emerge. Your best long-term solution to cyber threats is to strengthen your organisation’s security methods. Ultra I&C’s cybersecurity solutions can help secure your networks and bolster your resilience capabilities. We are continuously monitoring the growing number of attacks and working with organisations by assessing the level of cyber threats and how to customize solutions to keep you protected. Contact I&C’s Cyber team by submitting your information using our online form to learn more about our range of products.