Earlier this week, U.S. President Joe Biden warned of the increased threat of Russian cyber attacks in response to sweeping sanctions. As the conflict in Ukraine continues, state-sponsored attacks on NATO members and allies are growing in likelihood, and private businesses are also at risk of being targeted.
In a statement released by The White House, President Biden “urge[d] our private sector partners to harden your cyber defenses immediately.”
As is often the case, there is no firm intelligence of an imminent attack, so it is impossible to warn a certain firm, sector, or governmental body to take specific actions at this time. However, considering past patterns of both state-sponsored and other attacks, it is advisable for all firms to harden their defenses immediately. Drawbridge believes this elevated threat is of particular urgency and concern for our clients in the financial sector and we advise immediate preparatory actions.
To better protect yourself and your organization, we highlight the following points from the White House alert and associated fact sheet:
- Mandate the use of multi-factor authentication on your systems to make it harder for attackers to get onto your system.
- Check with your cybersecurity professionals to make sure that your systems are patched and protected against all known vulnerabilities.
- Run exercises and drill your emergency plans so that you are prepared to respond quickly to minimize the impact of any attack.
- Educate your employees to common tactics that attackers will use over email or through websites, and encourage them to report if their computers or phones have shown unusual behavior, such as crashing or operating very slowly.
Further, we recommend these additional actions to reinforce your cybersecurity posture:
- Avoid clicking links for news or information about the war from unknown sources, particularly on social media like Twitter and Reddit. If you cannot read the link or preview, it is not advisable to click—now more than ever.
- Avoid government websites for Ukraine or Russia unless you are confident on the destinations of your web links and require their diplomatic services. These sites may be targeted more than others and visiting them, unless absolutely necessary, could pose unique risks.
- Take particular care with supply chain/third-party risks, outsourced software development, and plug-ins to SaaS services such as Slack, Teams, Trello, and Salesforce. If you haven’t performed cybersecurity risk assessments on such services, now is the time to review their origin and cybersecurity measures.