Cybersecurity Update: Guarding Against Cyber Attacks Following Russia’s Invasion of Ukraine

With rising international tensions following Russia’s invasion of Ukraine, organizations of all sizes and in every industry need to be vigilant to protect themselves from cyberattacks. Attackers may not be limited to nation-state affiliates. Bad actors could include independent organized cybercrime groups, such as ransomware gangs, vigilante groups with political motives, or other nefarious actors simply seeking to take advantage of the crisis. Some organizations may be targeted for their public associations (real or assumed), while others may inadvertently be affected due to the indiscriminate nature of an attack (cyber collateral damage), as was the case in 2017 with NotPetya. These “Quick Checks” can help any organization protect itself by detecting, responding to, and recovering from cyber incidents.

You've Got This

  • Review attack surface & third-party connections
  • Incident response plan
    • Put your hands on it & update
    • Make sure contact info is updated - employees; critical vendors/service providers; insurance/outside counsel 
    • Print it out and put it in multiple locations (out-of-band cloud storage as well)
  • Double-check backups 
    • Immutable 
    • Offline/out-of-band

Think Through

  • What communication can you prepare in advance?
  • How do you quickly isolate suspect devices and networks?
  • How do you communicate with team members out-of-band; do you have everyone's mobile number?
  • What should your baseline look like?
    • Ingress AND Egress
    • EDR
  • Do you have all the logs you need?
    • For the right length of time?

Carry On

  • Forensics/incident response
    • Your primary vendor may not be available
    • Multiple contacts are not bad
    • Know where you are 'in line' with your provider
  • All the basics
    • MFA & PoLP
    • Hardened baseline
    • Patch/update
    • Network segmentation
    • Logging & Monitoring (SIEM)
    • Vulnerability scan
    • Security training

 

These publications and websites also provide information about protecting against cybersecurity threats in today’s environment:

For more information about protecting your organization from cybersecurity threats, contact us. We are here to help.

©2022
