Russia’s invasion of Ukraine has sent shockwaves across various sectors, including the cyber realm. The conflict has not only led to physical warfare but has also sparked a wave of cyber and information operations orchestrated by nation-state-sponsored actors and individual hackers and hacktivist groups.
The UK’s NCSC has warned that cyber operations arising from the conflict will extend beyond government institutions to target private businesses, especially those involved in critical infrastructure and services. A recent report by Forrester goes even further, stating that the invasion has permanently altered the cyber-threat landscape. The report emphasizes the need for security leaders in all organizations to be prepared for this new environment, as the conflict shows no signs of abating.
Here are 10 key takeaways for CISOs from Forrester’s report:
1) Organizations that have taken a stand against the war will be at heightened risk of cyber-attacks. Brands that have publicly condemned the invasion may become targets for Russian state-sponsored threat actors, necessitating increased cybersecurity measures.
2) Insider threats are likely to increase, as employees may hold differing views on the conflict. Organizations should enhance user monitoring and access controls to mitigate the risk of insider attacks.
3) Cryptocurrency theft and usage are expected to rise as Russian actors seek to evade economic sanctions. Companies involved in cryptocurrency transactions should be extra vigilant.
4) Cyber-espionage activities are anticipated to intensify post-conflict, with Russian threat actors targeting corporate communications. Organizations should prioritize encryption and other security measures to protect sensitive information.
5) Stay informed with advice from national cybersecurity authorities, such as CISA and NCSC, to implement recommended security measures effectively.
6) Enhance communication with security vendors to bolster protection for critical assets and receive timely threat intelligence updates.
7) Improve threat intelligence practices to respond rapidly to evolving cyber-threats. Establish relationships with trusted experts for reliable advice on threat mitigation strategies.
8) Proactively communicate with business executives to keep them informed about cybersecurity risks and strategies for dealing with new threats.
9) Review DDoS protections and incident response plans to ensure readiness for potential cyber-attacks targeting websites and critical systems.
10) Ramp up incident response preparation by conducting targeted attack simulations and increasing incident responder personnel to mitigate the risk of sophisticated cyber-attacks.
As the Russia-Ukraine conflict continues to unfold, organizations must be proactive in fortifying their cybersecurity defenses to navigate the evolving threat landscape effectively. By implementing these key takeaways, CISOs can better prepare their organizations to withstand cyber-attacks stemming from the ongoing conflict.