4 Ways your Company is Still Exposed to Ukraine War Cyber Attacks


      4 Ways Ukraine War Cyber Attacks Still Threaten US Companies

      The war in Ukraine is simultaneously physical and digital. To augment their missiles, guns, and tanks, Russia has also been launching cyberattacks on key Ukrainian assets, such as their power grid. At the same time, Ukrainian-aligned groups have been doing the same to Russia, Belarus, and Russian allies.

      Ukraine has no shortage of supporters in this war, and while that may be a plus for them, what does it mean for the cybersecurity of its allies? How can organizations in the United States and other countries avoid getting caught in the cyber crossfire? The key is to know the kinds of attacks to watch out for and how to protect yourself against the most impactful cyber assaults.

      The Kinds of Attacks That Should Be on Your Radar

      Some of the most common threats you need to keep an eye out for include:

      1. Advanced persistent threats (APTs)
      2. Distributed denial-of-service (DDoS) attacks
      3. Malware
      4. Ransomware

      Advanced Persistent Threats

      An advanced persistent threat, or APT, often involves a nation-state actor, such as a foreign hacker supported by their government. The hacker penetrates your system and stays inside for an extended period of time. Their attack method involves remaining within your network or system for weeks, months, or even longer without being detected.

      While inside, they can:

          • Steal sensitive data
          • Spread malware
          • Use your network or computers and servers attached to it to attack other organizations
          • Set up backdoors they can use later to launch a ransomware attack

      Attackers typically launch these kinds of hacks manually, specifically targeting a certain individual, computer, or network component.

      Distributed Denial-of-Service (DDoS) Attacks

      With a distributed denial-of-service (DDoS) attack, the hacker inundates your web server with tons of false requests. As your server tries to respond to each request, it gets overwhelmed and can no longer handle legitimate requests from users or systems. The end result may be a complete shutdown of all services facilitated by your web server. You may also not be able to serve people who are trying to use your website or web application for regular business activities.

      Malware

      Malware refers to any kind of malicious software, and an attacker can use various means of getting it into your system. For example, they can use:

          • Adware: This involves malicious fake advertisements that pop up on your screen. When you click on them, your computer downloads a virus, worm, or another kind of malware.
          • Drive-by downloading: This is when you go to a website that appears to be innocent on the surface, but once you visit it, malware gets downloaded onto your computer or device.
          • Malicious links in emails: Often, a hacker may use an email with a link that, when clicked, automatically installs malware on your system.

      Ransomware

      Ransomware has been on the rise, and it involves a hacker installing malware on a computer or server in your network and then locking it so you can’t gain access. They then demand a ransom payment before freeing up your resource. Russian hackers have been known to execute intricate, effective ransomware attacks, targeting a variety of organizations.

      How to Protect Yourself Against Cyberattacks

      The good news is there are several ways to go about strengthening cybersecurity, including:

        • Patching critical software: This can eliminate threats that the software manufacturer has already addressed in a recent update.
        • Having a response plan: A response plan gives everyone a specific role and outlines protocols for reacting after an attack. As a result, you can prevent attacks from causing damage to other areas of your network and safeguard your most sensitive digital assets.
        • Protecting and backing up data: Securing your data using encryption can be an effective way to safeguard it from exfiltration by attackers. Also, with regular backups, you can always have the data you need on a separate system in the event the primary one gets damaged by a hacker or kidnapped in a ransomware attack.
        • Employing the help of an expert cybersecurity services team: It’s always best to let dedicated professionals handle your security because they have the experience and advanced technology necessary to prevent the most potent attacks.

      Bolstering Your Cybersecurity Posture with GSI

      GSI’s cybersecurity experts have the knowledge and tools to shield you from the most impactful attacks you may face as a result of the conflict in Ukraine. With dedicated security personnel, advanced cybersecurity systems, and a track record of success, GSI’s teams can keep your organization safe during—and after—this war. Connect with GSI today to learn how.

      ABOUT THE AUTHOR

      John Bassett Portrait

      John Bassett is one of GSI's co-founders and has served as its Chief Technical Officer and Chief Security Officer since its inception in 2004. A frequent speaker and lecturer on cyber security and cloud infrastructure, John thoroughly enjoys sharing what he's learned through all phases of his career in information technology. Questions or ideas - connect with him on LinkedIn or send him an email: john.bassett@getgsi.com