Cybersecurity has always been of extreme importance, but the conflict between Russia and Ukraine has placed an even heavier emphasis on it. Our CTO, Eric Aslaksen, Head of IT Security, Thomas Jefferies, and Sr. Security Consultant, Jesson Soto Ventura, explain what this means for businesses and effective preventative measures they can take.
First, we’re seeing an increase in state-sponsored hacking, hacktivism and black hat threat actors. Critical infrastructure and financial organizations are being particularly targeted, and should be on high alert for DDoS attacks, data wiping attacks, espionage, defacement of websites and disinformation attacks.
All other organizations should also remain on the lookout for low effort hacks by hacktivist groups, including data dumps, website defacements and service takedowns. APT groups are another threat to be aware of, as they are well-funded by nation states and specialize in unleashing havoc as effectively as possible while furthering their agendas as quickly as possible. Other non-politically motivated groups will also be more likely to pose a threat in this climate, contributing to the overwhelming noise caused by these incidents.
Here are some preventative measures businesses can implement to stay ahead of these threats:
- Validate appropriate visibility in environment
- Fully implement a complete SIEM backed up by an appropriately staffed and managed SOC
- Review and test incident response, backup and disaster recovery plans
These times are filled with a lot of uncertainty. Our cybersecurity team is here to help. We’re prepared to take on any challenges this situation may cause, while strengthening your security posture far beyond its impact.