World prepares for cyber-attacks as Ukraine conflict intensifies
Whilst it is to be hoped that the heightened tensions between Russia and the Ukraine can be resolved diplomatically and quickly, it is believed that the first warning shots have already been fired.
On the 14 January 2022, 70 Ukrainian government websites were targeted by a massive cyber-attack, an attack that officials suspected had been carried out by Russia. Ukraine’s Digital Transformation Ministry stated that the country has evidence of Russia’s involvement, a claim strongly denied by the Kremlin.
Hackers left a message on the Foreign Ministry website, according to reports. It said: “Ukrainians! … All information about you has become public. Be afraid and expect worse. It’s your past, present and future.”
This cyberattack has only led to increasing the tension level between the two nations, with Ukraine claiming that Russia is preparing for a military attack on its land, by massing 100,000 troops along its borders. Today, Thursday 03 Feb, NATO Secretary-General Jens Stoltenberg announced that Russia has deployed about 30,000 combat-ready troops and weapons to Belarus, a country located roughly 100km from Kyiv.
Former world heavyweight boxing champion, Vitali Klitschko, now Mayor of Kyiv, believes that this aggression is part of an attempt by Russia to rebuild the Soviet Union. Moscow’s actions have been widely condemned and many Western Leaders have pledged financial and military support to Ukrainian President Volodymyr Zelensky.
As the world looks on, and prays for a peaceful resolution, attention has now focused on the potential threat that a cyber-attack could have on global IT systems.
Whilst there currently no evidence to suggest that a cyber-attack is imminent, Russia does have history in this area. Back in 2017, suspected Russian hackers released the NotPetya virus, targeting Banks, the media, and enterprises, causing an estimated $10bn in damages. The malware which took hold by hacking a popular tax reporting software was detected across 64 other countries, including the UK.
At the time, experts suggested that the NotPetya attack was designed specifically to affect the Ukraine’s economy and was part of a long-planned destabilisation strategy.
As a result of the 14 January cyber attack, UK organisations are being urged to ensure that their cyber defences are fully prepared and on alert.
The National Cyber Security Centre (NCSC), a part of GCHQ, has updated its guidance telling firms to “build resilience and stay ahead of potential threats”.
Defences such as firewalls, malware protection, patch management, password policy and access control are all key in preventing, detecting and mitigating the effects of any attack – provided they are all up to date and fit for purpose.
Another key defence is DDoS (Distributed Denial of Service) mitigation – the filtering out or ‘scrubbing’ of malicious traffic to prevent it from reaching the intended targeted asset. Often discounted by smaller businesses as an expensive or complex defence system if directly owned and managed, it is offered by service providers such as vXtream as a 24 x7 managed service.
Combined with core asset security, DDoS provides a multi-tiered approach to cyber defence. mitigating the unpredictability of when and where these attacks will occur.
Until we have the equivalent of a digital Geneva Convention, we must seek to protect our virtual borders as we would our physical ones.
For details on the security services that vXtream offers, please reach out to one of our experts.
Image copyright Shutterstock