Russian Cyberattacks: What Small Businesses Need To Know
New and ongoing intelligence reveals evidence that Putin and Russia are considering options for cyberattacks against Western nations and especially the United States.
If President Biden's warning reveals anything, the impending attack from President Putin is expected to have drastic and severe consequences for businesses and individuals alike. As a business leader, what can you do?
The potential for cyberattacks from Russia would come as retribution for Western nations imposing historically harsh sanctions after its president's invasion of Ukraine. As we all know, modern warfare goes beyond picking arms and rushing to battlefields. Today, the battle is brought right to your desk.
Here's what you need to know about the potential for a Russian-led cyberattack.
Russia Has The Capability To Attack
President Biden continues to warn the nation’s business leaders that we’re in the ‘critical moments’ of getting ahead of Russian cyberattacks, and that we need to enhance domestic cybersecurity.
President Biden issuing his warning to all business leaders is indication enough that Putin is willing to roll out cyberattacks sooner than expected and that the Kremlin, unhappy about the invasion's progress, is currently considering options.
Russia maintains that it has cyberattack options and capabilities that include:
- Russian State-sponsored threat actors like Sandworm, Gamaredon, and APT28 and 29
- UNC1151, who are linked to the Belarusian government
- Conti, a Russian cybercrime syndicate
Conti is responsible for ten percent of the ransomware attacks that targeted MSPs in 2021 and continues to target healthcare organizations. These three threat actors have successfully penetrated even the most secure private businesses, governments, and NGOs using cyberattacks.
In fact, Russia has been hitting the Ukrainian government agencies with a series of cyber attacks for years. Some of the most noteworthy attacks on Ukraine from Russia include the WhisperGate malware, the power grid attack of 2015, the Ukrainian government website defacement, and the DDOS attacks that target Ukrainian entities like the armed forces, public radio, and defense ministry.
The most recent attack tied to Russia was the cyberattack on the US telecommunications provider Viasat on February 24, 2022. In this attack, Russia took the satellite modems that provide internet service to thousands of customers in Europe offline, affecting some Ukraine modems. The US suspects that these were Russian-sponsored cyberattacks.
Don't let cyber predators infiltrate your systems. Contact us today to see where vulnerabilities may be in your infrastructure.
Taking Heed Of Government Warnings
The Treasury, Energy and Homeland Security departments are warning business leaders, especially those in the financial and critical infrastructure sectors like gas, water, power, and the internet, to keep a keen eye on suspicious cyber activities.
Most recommendations include scanning networks and websites to find software vulnerabilities that can initiate attacks that include ransomware, DDOS attacks, and disk wipers. But with the FBI supporting the government warnings, there has been widespread concern that more is needed and lingering sentiment that we might not be ready for whatever Putin has planned.
That's part of the reason Biden issued the Executive Order for improving the nation's cybersecurity– to tell businesses to add protection endpoints and look for any signs of malicious activity that indicate an attack in motion.
Did you hear? The NY Times reported that the United States secretly removed malware from computer networks worldwide to pre-empt Russian cyberattacks and send a message to Putin and Russia.
Even though the federal government continuously uses tools to mitigate and disrupt cyberattacks against these important infrastructures, more needs to be done to defend the nation against possible attacks. More small business leaders are becoming aware of the problem and how it's become almost a patriotic obligation to tighten your cybersecurity.
My administration will continue to use every tool to deter, disrupt, and if necessary, respond to cyberattacks against critical infrastructure," Biden said. "But the Federal Government can't defend against this threat alone.
What You Can Do
Every small business owner should ensure that efforts are put in place to lock any vulnerable digital doors in their businesses. This starts with gathering knowledge about the critical impact the Russian government can have and actively finding ways of protection.
A cybersecurity risk assessment is an excellent strategy to gain insight into the status of your cyberattack preparedness. Once you know your security vulnerabilities, you can create an incident response plan and adopt systems and solutions that enhance your protection.
Some of the steps to take to protect your business against any cyberattack are:
- Adopting a multi-factor authentication for your business and users
- Adding an endpoint detection and response solution
- Implementing security information and event management systems
- Changing passwords across all your online systems and networks to ensure you are protected against attacks like identity theft or ransomware
- Always initiating backups and software updates
- Removing internet-facing management consoles
- Training every employee on security awareness
Here are some other ways you can protect your SMB against cybercrime
Don't forget to get the help of a cybersecurity expert who will show you where your vulnerabilities are lurking and provide guidelines on ways to mitigate them. Additionally, lower the threshold of identifying and reporting potential cyberattacks to ensure you don't dismiss any threats unknowingly.
Have peace of mind. Let's see where you stand with a cybersecurity risk assessment.
Go beyond preparation and think about how fast you can respond to an attack. For instance, when backing data, have them in three copies, one of which must be an offline copy of the data, and the remaining two should be on different media.
Another way to protect your business is with cyber insurance. Some ransomware attacks extract millions of dollars from their victims. Cyber insurance is a security blanket that will help with damages and losses if you are a cyberattack victim.
Training your employees is equally important because most of these attacks start with one unsuspecting employee. A phishing email can cause irreparable damage to your entire organization. As such, develop a cybersecurity training and development program for every employee.
We're not taking these warnings lightly because it is an indication that the threat or problem raised is a matter of great concern. Every business leader should listen to the warnings and heed directives given by Biden's administration and start building a strategy to protect their business beforehand.
Be prepared by reducing security gaps, increasing the posture of cybersecurity in your organization, and enhancing your vigilance.
What are you doing to protect your and other businesses against a Russian cyberattack?