Modern warfare is increasingly fought in the cyber sphere. The Russia–Ukraine conflict has brought this threat very much to the fore as discussions continue on potential retaliatory activity by Russia for the disruptive economic sanctions imposed by Western allies.

Is now the time for ‘Shields Up’, as the U.S. Cybersecurity and Infrastructure Security Agency (CISA) recently recommended? Could it be that Russian cyber threats are merely a distraction from the real warfare on the ground in Ukraine, or do global businesses need to take action now to protect their systems and information security?

We’ve compiled a few actions to take now to give your systems a cyber threat check in light of the global situation.

Test and Review 

Incidents of Russian cyber-attacks have been well documented in recent years. Use your time to research how previous cyber-attacks have been carried out, and use what you learn to update your response action plan for any future incident. Although no one can be certain of the specific type or target of attacks in the future, having previous knowledge of Russian cyber threats and reviewing incident plans to take this into account will give you the best chance to act quickly and decisively if needed.

Trusted External Resource

When cyber-attacks occur, they can be fast and immediately disruptive to business activities. The global information security community has been quick to mobilise during previous cyber threats to establish causes and find solutions. Keeping this in mind, having trusted third parties available for swift exchanges of information can be essential to securing details in the event of a fast-moving threat. Utilise trusted government outlets where necessary for updates on threats, but remember to thoroughly vet any sources before sharing information or details.

Links to Russia

It may seem obvious, but part of the review process when preparing your business for cyber-attacks should be to assess potential business links to Russia. Could Russian counterparts have access to information networks or data servers through the supply chain or other means? Do third-party suppliers or other parts of your supply chain hail from locations which could represent a risk? Outsourcing of software development, sometimes to locations like Russia, can mean it’s more important than ever to have eyes on how suppliers, consultants or other third parties will resource projects in relation to your own cyber security.

Back Up Processes

Cyber threats will always require quick thinking and even quicker actions, but ask yourself: could you restore your system quickly and in full operational mode? Take a few practice runs and check that backup processes are working. Make sure you have a comprehensive list of recovery steps to work through, with timelines of how quickly you can get systems back online in an emergency. Communication will be key during a cyber threat, so having knowledge of how long it takes to restore services will help allay fears and retain confidence.

Identify your Weaknesses

Keeping abreast of previous cyber threats can provide ideal real-world examples from which to create models to practice against. Use this information to carry out example attacks – or red team engagements – and see how your systems respond to help identify weaknesses in advance.

Remote Working Risks

The Covid pandemic has opened businesses up to the idea of employees working from home with remote access. Remote access was quite often set up quickly in response to lockdowns, so take the time to assess how robust remote access to your network is and set up multi-factor authentication across the board. No employee should be remotely accessing a network without, at the very least, two-factor authentication for full security adherence.