As worries of a physical conflict between Russia and Ukraine continue, an attack of a different kind is already under way.
In what is believed to be a Russian cyber attack, Distributed Denial of Service (DDoS) attacks against Ukraine recently took hold.
Cyberattacks like these highlight the continuing trend of politically motivated nation-state strikes on worldwide IT infrastructure.
Whether to finance illicit operations or simply create a diversion, this Russian cyber attack, and others like it, affect more than just politics and government.
Intentional or not, they cause direct damage to businesses everywhere.
Making matters worse, insurance companies have made it clear they’re unwilling to cover the costs of these nation-state attacks.
Though the US Cybersecurity and Infrastructure Security Agency (CISA) recently published a list of free resources, ultimately, it’s up to you and your business to keep yourself safe.
The Long-Distance Reach of Cyber Attacks
Geographically, Ukraine is far away from the U.S. – nearly 4,800 miles from New York to Ukraine.
But, when information travels over the internet in a split second, they may as well be next-door neighbors.
For example, in 2017, Russian cyber attacks deployed ‘NotPetya’ against Ukrainian entities.
It was a crippling attack. Despite originally targeting Ukraine, the Russian cyber attack spread across connected networks, causing $10 billion in damages worldwide.
Though NotPetya might be over, it’s only the tip of the iceberg when it comes to state-sponsored attacks.
Just take a look at a few of the recent examples:
- China
  - Cyberattacks linked to China are targeting journalists, spying on them
  - The FBI acknowledges more than 2,000 investigations of Chinese attempts to steal U.S. information and technology
  - Chinese ransomware gangs are targeting Israeli hospitals
- Iran
  - Hackers linked to Iran attacked VMware Horizon servers in the Middle East and U.S.
  - The FBI acknowledges Iranian attempts to influence the 2020 U.S. elections
  - The FBI warns of six Iranian ransomware gangs attacking U.S. entities
- North Korea
  - Hackers target the International Atomic Energy Agency and South Korean contractors
  - North Korean actors stole $400 million in cryptocurrency in 2021
  - WannaCry, one of the most infamous pieces of ransomware in years, was developed in North Korea. It took down 80 healthcare facilities in England.
- Russia
  - Russian cyber attacks on the Ukrainian Ministry of Defense and other government services.
  - Ghostwriter attacks target parliaments, officials, politicians, and journalists in the EU.
  - Hackers breach Democratic National Committee in 2016, Republican National Committee in 2021.
Keep in mind that these are only the ones that were actually discovered and traced back to a particular nation.
There’s no way to be sure how many cyber attacks went undetected, or couldn’t be linked to a source country.
CISA and NSA Warn of Russian Cyber Attacks
The increasing tension over a potential Ukrainian-Russian conflict has led several U.S. government agencies to issue warnings.
First, the U.S. National Security Agency (NSA) guidance cautions Cisco router owners to improve the hashing and encryption algorithms in router configurations, to better secure stored passwords.
Second, CISA warns against misinformation, disinformation, and malinformation (MDM) attacks that could target U.S. infrastructure.
Lastly, the FBI and the Department of Homeland Security (DHS) warn that Russians have increased their scanning of U.S. law enforcement networks.
While there are no known active attacks, all agencies offer a word of caution: if tensions escalate, expect Russian cyber attacks to strike the U.S. and allies, to distract from the issues in Ukraine.
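To make the NSA's Cisco password advice concrete, here is an added example (not from the NSA guidance or the original article): a small Python audit that reads a Cisco IOS configuration and reports how each stored credential is protected. The ok/warn/fail policy and the sample configuration are constructed assumptions for illustration.

```python
import re

# Policy is this example's assumption, based on how each IOS password type
# stores the secret; adjust it to your own standard.
POLICY = {
    "0": ("fail", "stored in plaintext"),
    "4": ("fail", "unsalted, single-iteration SHA-256"),
    "5": ("warn", "salted MD5, cheap to brute-force"),
    "6": ("ok", "AES-encrypted, reversible with the device master key"),
    "7": ("fail", "reversible obfuscation, not encryption"),
    "8": ("ok", "PBKDF2 with SHA-256"),
    "9": ("ok", "scrypt"),
}

# Matches "password <type> <value>", "secret <type> <value>", or either keyword
# with no type digit. "service password-encryption" does not match because
# the keyword must be followed by whitespace.
CRED = re.compile(r"\b(password|secret)\s+(?:(\d)\s+)?(\S+)")

def audit(config):
    """Return (line_no, type, status, reason) per credential line.
    The secret value itself is never returned or printed."""
    findings = []
    for n, line in enumerate(config.splitlines(), 1):
        s = line.strip()
        if not s or s.startswith("!"):      # blank line or IOS comment
            continue
        m = CRED.search(s)
        if not m:
            continue
        ptype = m.group(2) or "0"           # no type digit means plaintext
        status, reason = POLICY.get(ptype, ("warn", "unknown type"))
        findings.append((n, ptype, status, reason))
    return findings

# Constructed sample configuration; hashes and strings are placeholders.
SAMPLE = """\
!
service password-encryption
enable secret 5 $1$EXMP$constructedhashvalue000000
username admin privilege 15 secret 8 $8$constructedsalt$constructedhash
username backup password 7 0000000000
username lab password labpass
line vty 0 4
 password 7 0000000000
"""

if __name__ == "__main__":
    for n, ptype, status, reason in audit(SAMPLE):
        print(f"line {n}: type {ptype}: {status.upper()} ({reason})")
```
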
No More Insurance Payouts?
It’s been several years, and still, the damage from the Russian cyber attack ‘NotPetya’ continues to be unresolved.
Although the initial attack led to $10 billion in damages, Mondelez International’s attempt to recover $100 million in damages from their insurance company continues to be fought in court.
Here’s the hang-up.
Mondelez’s insurer claims that the NotPetya attack was an act of war, and thus excluded from the insurance policy as written.
While the results of this case will shape how insurers respond to such claims, Lloyd’s of London specifically excludes state-sponsored attacks from their cyber-insurance policies.
It’s a tough pill to swallow, but if you’re hit by a state-sponsored attack, you shouldn’t expect your cyber insurance policy to pay out.
And, you should expect insurers to become increasingly aggressive in their definition of ‘state-sponsored.’
It’s not a pleasant situation, but it is the new reality.
Building a Base of Effective Cybersecurity
To help businesses improve cybersecurity, CISA offers a list of free cybersecurity tools to lay a foundation.
Though the list doesn’t endorse any particular tools, it provides a mix of CISA services, open-source utilities, and free tools and services from public and private sources.
But, these aren’t the complete solution you’ll need.
Before resorting to tools, CISA recommends ensuring your organization has already:
- Implemented multi-factor authentication
- Replaced obsolete software
- Replaced or isolated systems, software, or devices with hard-coded or default passwords
- Patched, updated, or isolated known vulnerabilities in software or hardware
CISA also recommends using their Cyber Hygiene Vulnerability Scanning service to detect priority vulnerabilities to fix.
The Takeaways
Even a quick look at the examples above shows that Russian cyber attacks aren’t the only ones to watch out for.
When countries need to create a diversion, disrupt their opponents, or simply generate revenue through ransomware, cyber attacks have become a go-to method.
And you don’t even need to be in a place of political importance to be struck. The very nature of these attacks means they’ll spread wherever they can, at the speed of a click.
Collateral damage is just the sad reality.
Keeping your systems up-to-date and secured is your best bet at avoiding an expensive, infuriating disaster.
If you’re looking for a little help with your organization’s cybersecurity or IT needs, contact Ideal Integrations at 412-349-6680, or fill out the form below for a free consultation.
Our experts will discuss your options for tools and services, and set up a custom plan that suits your needs and budget.