Cybersecurity Concerns Surround Situation in Ukraine [Weekly Cybersecurity Brief]

International concerns increasingly include the topic of cybersecurity. A cyberattack can affect not only the nation it is carried out in but also have widespread effects beyond its borders, especially given the global connections of many operations. The situation unfolding in Ukraine as tensions escalate with Russia serves as an example.

Before diving into the cybersecurity aspects, we begin with a very basic breakdown of the current event. Stemming from Russia’s objections to Ukraine’s involvement with NATO, the political fight between the countries’ parties has led to “a Russian troop build-up of 100,000 soldiers at the Ukrainian border,” according to reporting from Gizmodo. This has fueled worries that the Russian government may intend to further invade Ukraine. Adding to the mounting problem are cyber actions believed to stem from Russia. On January 14th, around 80 websites of Ukrainian government agencies were hacked, causing a message to appear that stated, “Be afraid and expect the worst.” Shortly after that incident, another attack hit Ukrainian government agencies as well as nonprofits and IT organizations. This time it was a data-compromising malware attack.

In the ripple effect mentioned in the opening, these cyberattacks have spurred warnings elsewhere. Reuters recently reported that Poland issued an alert in response to what occurred in Ukraine. Put out by Poland’s digital ministry, the alert was categorized as “preventative” and was in place until Sunday night. It included a guideline for public administration teams to heighten monitoring of security and ICT systems in order to block a breach from happening.

Also concerned over the matter is the U.S., leading the Cybersecurity and Infrastructure Security Agency (CISA) to release its own urgent recommendations for organizations across the board to ensure that they have proper cybersecurity measures in place. On top of continued recovery from a series of other impactful security events that defined last year, the announcement specifically pointed to the events in Ukraine, urging that steps be taken to “reduce the likelihood and impact of a potentially damaging compromise.” This was particularly emphasized for those organizations that have ties to Ukraine. Such tasks include making sure that remote access involves multi-factor authentication, that software is updated, that nonessential ports are closed and that backup procedures are prepared.

Key Takeaways:

“What You Need to Know About the Cybersecurity Risks In the Ukraine Conflict” – Lucas Ropek, Gizmodo

https://gizmodo.com/what-you-need-to-know-about-the-cybersecurity-risks-in-1848399011

  • The current concern over a Russian invasion of Ukraine has been fueled by cybersecurity incidents.
  • On January 14th, around 80 websites of Ukrainian government agencies were hacked, causing a message to appear that stated, “Be afraid and expect the worst.”
  • Shortly after, a malware attack hit Ukrainian government agencies as well as nonprofits and IT organizations.

“Poland raises cybersecurity terror threat after Ukraine cyber attack” – Joanna Plucinska, Reuters

https://www.reuters.com/technology/poland-raises-cybersecurity-terror-threat-after-ukraine-cyber-attack-2022-01-18/

  • Poland issued an alert in response to the cybersecurity attacks that occurred in Ukraine.
  • Put out by Poland’s digital ministry, the alert was considered “preventative.”
  • It included a guideline for public administration teams to heighten monitoring of security and ICT systems.

“US Organizations Urged to Improve Cybersecurity” – Sarah Coble, Infosecurity Magazine

https://www.infosecurity-magazine.com/news/us-organizations-improve/

  • The Cybersecurity and Infrastructure Security Agency (CISA) released its own urgent recommendations for organizations, especially those with ties to Ukraine.
  • The announcement emphasized that steps be taken to “reduce the likelihood and impact of a potentially damaging compromise.”
  • Such steps include making sure that remote access involves multi-factor authentication, that software is updated, that nonessential ports are closed and that backup procedures are prepared.