What your business needs to know regarding potential Russian cyberwarfare

Russian cyberwarfare

We are in active communication with all our technology partners to exchange real-time threat intelligence that may impact our operations.

Intelligence has found that Russia has initiated cyberwarfare techniques against Ukraine as military engagement escalates.

Given the potential for similar attacks on European and US-based targets, we want to provide an update on what we know so far and the steps we are taking to continue our cybersecurity services and deliver them to you, for the protection of your business.

We are also conducting ongoing audits of our infrastructure and processes to ensure defence against possible exploitation from Russian state-sponsored threat actors.

What we know so far: cyberattacks targeting Ukraine

  • Malware — New malware dubbed WhisperGate requests a ransom payment and destroys files even if the ransom is paid.
  • Website Defacement — 70 attempts have been made to deface Ukrainian government websites, with 10 being successful.
  • Distributed Denial-of-Service (DDoS) attacks — Targets include Ukraine’s armed forces, defence ministry, public radio, and two large banks. Several vital services were turned offline, and people were unable to access their bank accounts, use mobile apps, or issue online payments.
  • Many suspect a potential attack on the Ukrainian power grid, as was executed during the 2015 Russian invasion of Ukraine.

 

Actions to ensure the protection of your business

We are in active communication with all our technology partners to exchange real-time threat intelligence that may impact our operations. We are also conducting ongoing audits of our infrastructure and processes to ensure defence against possible exploitation from Russian state-sponsored threat actors. The protection of your business is our number one priority, and we will update and advise you as circumstances necessitate.

In the short term, we recommend all companies follow these steps:

  • Remind employees of the role they play in keeping your business secure. For example, employees should actively lookout for indicators of a potential business email compromise attack.
    • Be sceptical – Last-minute changes to bank transfer instructions or recipient account information must be verified.
    • Double-check that URL – Ensure the URL in the email is associated with the business it claims to be from.
    • Spelling counts – Be alert to misspelt hyperlinks in the actual domain name.
  • Be sure users have updated their systems and applications to the latest release, which typically include the latest security enhancements.
  • Ensure your business has appropriate data backups.
  • Ensure your business has a disaster recovery plan in place, allowing you to respond quickly in the event of a cyberattack.
  • Carry out a security assessment of your company’s cyber security and IT infrastructure, checking for vulnerabilities and ways to improve your overall posture.

 

Please feel free to get in touch with LoughTec if you like any further information about any of the above points. Email us at info@loughtec.com or call us on +44 (0) 2882 252445.

LoughTec: Watertight Cyber Security and IT Solutions