Preparing for Collateral Damage From the Russia-Ukraine Cyberwar
It’s now been almost one month since the Russian invasion of Ukraine commenced. Since then, ceasefire negotiations have been futile. As a result, the lives and livelihoods of millions of innocent Ukrainians continue to be altered forever by the Russian military, which, by many accounts, has very little interest in fighting a war with its close neighbors to the west.
In conjunction with the horrific events taking place in the physical world, battles in cyberspace are being fought on many fronts. While some experts argue that the “catastrophic cyberwarfare” between Russia and Ukraine has yet to begin, it is believed that Russian threat actors supported by the Kremlin have made further inroads into Ukrainian critical infrastructure. It is also widely suspected that Russia is responsible for hacking the Ukrainian government and national financial institutions.
Despite not having a military cyber unit, Ukraine’s digital defenses are so far proving as formidable as their physical infantry has. Aided by allies and hacking groups “friendly” to their defense, Ukraine appears to be adequately defending its digital infrastructure from the Russian onslaught of cyberattacks. According to the AP, “U.S. Cyber Command has been assisting Ukraine since well before the invasion.”
In addition, Ukraine has formed what is being described as the world’s first “volunteer cyber army.” When announced, almost 200,000 IT specialists and hackers from around the world volunteered to help hack Russia and defend Ukraine. Also coming to Ukraine’s aid is the infamous hacking group Anonymous. The clandestine group has been hammering Russian websites with cyberattacks intended to debunk misinformation and take government websites offline.
The unintended consequences of cyberwar
Some believe that the Russia-Ukraine cyberwar will far outlast the physical battle (let’s pray that both end very soon). That’s certainly realistic from a misinformation and disinformation standpoint, but is otherwise just speculation.
A prolonged cyberwar could have devastating consequences for organizations far beyond Eastern Europe. For example, many in US threat intelligence, like former Cybersecurity and Infrastructure Security Agency (CISA) director Chris Krebs, believe that the recently enacted sanctions will lead to a spike in ransomware targeting American organizations.
Ransomware is already a major problem in the United States. In 2021, the average amount of reported ransomware transactions per month was $102.3 million, according to the US Treasury. Even some of the most prepared enterprises struggle to prevent ransomware attacks.
Other forms of cyber extortion, such as Distributed Denial of Service (DDoS) attacks, are also likely to target businesses and institutions deemed allies of Ukraine. At the same time, I for one expect Russian nationalist profiteers, with nothing to lose, to increase their financial demands to unprecedented amounts, making negotiations incredibly difficult.
While we can, with some accuracy, quantify the tangible costs of ransomware and DDoS attacks resulting from the Russia-Ukraine war, it will be nearly impossible to project an accurate assessment of the collateral damage that will occur.
That’s because most organizations will not be direct cyber targets of the Russian nation-state. Instead, the vast majority will feel reverberating consequences that trickle down from one organization to the next. Examples include production and shipping delays, continued inflation and supply chain disruption, leaked private communications, and lateral attacks, among others.
Double down on enterprise security best practices
CISOs do heroic work investing in their teams and technology to protect their organization from cyberattack. Unfortunately, there is no solution to prevent “collateral damage.” If there was, I’d build it.
During this time of unprecedented cyberwar, perhaps the best way to minimize collateral damage is to double down on enterprise security best practices, such as:
- Protecting the endpoints – Ensure that advanced endpoint detection and response (EDR) is properly installed and configured across every corporate-owned device. If necessary, task someone on your team to run an inventory check to make sure no endpoint slips through the cracks.
- Only allowing access to corporate resources through MFA – Mandate the use of multi-factor authentication wherever available and without exception. Invest in a password management solution if you don’t already have one.
- Bolstering patch management – Just last week, CISA added 95 new vulnerabilities to its catalog. Work with your team to prioritize a patching schedule so that exploitable vulnerabilities are minimized.
- Reinforcing anti-phishing – Now is the time to consider increasing the frequency and complexity of your phishing awareness training and simulations, and investments in anti-phishing technology. More than 90% of all cyberattacks continue to begin with a malicious email, and those without a malicious payload are getting more and more difficult to detect.
Digital executive protection’s role in reducing risks from cyberwarfare
A fifth best practice is to ensure that your company leaders are protected in their personal digital lives. As China recently showed the world by hacking the personal emails of US government officials, there is no separation in cyberwar between one’s work and personal lives. Hacking executives to move laterally into the organizations that they lead is now a mainstream threat.
Due to privacy laws, CISOs are limited in protecting personal digital lives. Fortunately, that’s exactly what BlackCloak was created to do. BlackCloak extends enterprise security beyond the perimeter, empowering executives to take control of their online privacy and cybersecurity while simultaneously reducing risk to the enterprise.
It is my sincere hope that this needless war comes to an end with haste. The loss of life and property is as heartbreaking as it is irreversible. It is also my hope that the cyberwar can de-escalate without further impact on an international scale.
As former President Theodore Roosevelt once said, “It is not the critic who counts; not the man [and woman] who points out how the strong man stumbles…the credit belongs to the men [and women] who are actually in the arena; whose face is marred by dust and sweat and blood.”
To those men & women “in the arena” of this war, please do everything that you can to bring peace and prosperity back to Eastern Europe as quickly as possible.
*** This is a Security Bloggers Network syndicated blog from BlackCloak | Protect Your Digital Life™ authored by Chris Pierson. Read the original post at: https://blackcloak.io/preparing-for-collateral-damage-from-the-russia-ukraine-cyberwar/

