It's been confirmed that cyberattacks are being used in the current conflict between Russia and Ukraine. But could this affect companies here in the U.S.? Partners Jason Pill and Walt Green met to discuss the risks and how businesses should prepare for possible breaches.
Watch the full discussion in our first Phelps 5 for 5 video or keep reading for highlights from their conversation.
Jason Pill: How would you describe the current cyber warfare we're seeing in the Russia-Ukraine conflict, and how does it compare to the types of cyberattacks we've seen in the past?
Walt Green: We're certainly seeing new warfare there on the cyber front. Russia, China, Ukraine, Belarus and the U.S. are all involved in some type of cyber warfare or remediations. Russia is trying to bring down computer networks and communications systems to break up Ukraine's command and control systems. And it's recently been verified that China attacked over 600 Ukrainian websites right before the conflict started. Belarus has also been affected. They were moving troops through their country in support of Russia, and their railway systems were hacked to slow them down. And the U.S. and companies like Cisco are helping Ukraine kill trojans that are trying to take over remote access of their computer networks.
Jason: And how are the issues there impacting domestic companies and their cybersecurity risks and risk profiles?
Walt: President Biden told us to harden our cyber defenses, and that's likely based on actionable intelligence that Russia intends to use cyber warfare against us at some point. The Cybersecurity and Infrastructure Security Agency is also warning us of the same thing. In fact, the FBI just notified five U.S. energy companies that their systems were being scanned by Russian hackers.
We have to remember that cyber warfare has no boundaries. As more problems occur in Russia and the more desperate they get, the more likely they are to use other tactics such as cyber warfare.
Jason: What industries should be on higher alert for potential cyber breaches?
Walt: The Cybersecurity and Infrastructure Security Agency specifically mentioned that the aviation and energy sectors and critical infrastructure, like the military and supply chains, need to be on alert. But like we saw in 2021 with the JBS attack and the attack on Colonial Pipeline that affected two of our critical infrastructures, we all must be on high alert.
Jason: What should companies be doing or not doing to bolster their cybersecurity protections and security protocols?
Walt: You can begin by validating your remote access. If you have people working away from your office, be sure to use multifactor authentication when using remote access. Ensure that all of your administrative access is validated. Also, make sure that your software is up to date, especially your security patches. And make sure they're automatically on if you can do so.
This is also a great time to look at your cyber insurance or review your policy to see what's covered and what isn't. If you don't have cyber insurance yet, this is the time to consider it.
Likewise, look at your incident response plan for cybersecurity. Bring your C-suite in to make sure they understand the process if and when you suffer a cyberattack.
You need to prepare for the worst. Can you rebuild your critical systems to carry on your businesses after an attack? That's what you have to be prepared for.
Jason: As a former U.S. Attorney and employee of the Department of Justice, what can the federal government do to help curtail this improper cyber activity and cybercrime?
Walt: There's three things they can do and continue to do. The first is to continue to place a priority on the indictment of cyber criminals, which we know the DOJ does. Along with that, we need increased cooperation of other nations, because these criminals are often outside the U.S. Once we indict them, they need to be brought to the U.S. to answer for their crimes. The third is increased regulation and transparency related to cryptocurrency. Anonymity fuels ransomware. That is to say, cryptocurrency fuels ransomware. They need similar regulations and rules as our banking industry so we can help stop malware.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.
