Given the recent escalation in the conflict between Russia and Ukraine, the probability of cyberattacks against companies in the U.S. and other NATO allies is high. As a result, businesses of all sizes and industries need to review and solidify their cybersecurity preparedness.
As an organization, you should review your business continuity plans (BCP) and reach out to critical vendors and partners to determine how they are preparing for the impact of this potential threat. In addition, work with stakeholders to identify critical systems/data and ensure sufficient offline backups.
Review Key Areas
- Focus on enabling additional logging for SMB, RDP & SSH, disabling protocols that are not required and deploying internal network monitoring.
- Enable firewall logging at the perimeter and on Windows endpoints, configure NetFlow collectors inside the perimeter and configure DNS logging on DNS servers.
- Secure and inventory all business-to-business (B2B) VPNs, implement monitoring and determine triggers for disconnecting them to limit risk exposure.
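The following is an added example, not part of the original advisory: one way to turn the B2B VPN inventory and NetFlow data described above into a disconnect trigger. The partner names, address ranges, flow records and the fan-out threshold are all constructed assumptions.

```python
import ipaddress
from collections import defaultdict

# Constructed inventory: each B2B VPN partner's tunnel range and the internal
# (host, port) pairs it is expected to reach. All values are hypothetical.
INVENTORY = {
    "partner-a": ("10.200.1.0/24", {("10.0.5.10", 443)}),
    "partner-b": ("10.200.2.0/24", {("10.0.6.20", 22)}),
}
WATCHED = {445: "SMB", 3389: "RDP", 22: "SSH"}
FANOUT_LIMIT = 3  # assumed trigger: off-inventory hosts reached on watched ports

# Constructed flow records as a NetFlow collector might export them:
# (source IP, destination IP, destination port), all seen on the VPN interface.
SAMPLE_FLOWS = [
    ("10.200.1.7", "10.0.5.10", 443),   # partner-a, expected
    ("10.200.2.9", "10.0.6.20", 22),    # partner-b, expected SSH
    ("10.200.1.7", "10.0.5.11", 445),   # partner-a, SMB to unlisted host
    ("10.200.1.7", "10.0.5.12", 445),
    ("10.200.1.7", "10.0.5.13", 3389),
    ("10.200.3.4", "10.0.5.10", 443),   # source not in the inventory
]


def partner_for(src_ip):
    """Map a tunnel source address to its inventoried partner, if any."""
    addr = ipaddress.ip_address(src_ip)
    for name, (net, _allowed) in INVENTORY.items():
        if addr in ipaddress.ip_network(net):
            return name
    return "UNINVENTORIED"


def evaluate(flows):
    """Return (off-inventory findings, partners that hit the disconnect trigger)."""
    findings, fanout = [], defaultdict(set)
    for src, dst, port in flows:
        partner = partner_for(src)
        allowed = INVENTORY.get(partner, (None, set()))[1]
        if (dst, port) in allowed:
            continue
        findings.append((partner, src, dst, port, WATCHED.get(port, "other")))
        if port in WATCHED:
            fanout[partner].add(dst)
    triggered = sorted(p for p, hosts in fanout.items() if len(hosts) >= FANOUT_LIMIT)
    return findings, triggered


if __name__ == "__main__":
    for finding in evaluate(SAMPLE_FLOWS)[0]:
        print(finding)
```

Each finding is a flow that the inventory does not account for; a partner appears in the triggered list once its off-inventory SMB, RDP or SSH traffic reaches the threshold number of distinct internal hosts.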
Prepare Your Teams
Alert teams to suspicious activity. Remind them to examine emails, links, and websites before clicking or responding. Ask your teams to:
- Follow IT guidelines, be extra vigilant and report suspicious emails
- Practice good cyber hygiene
- Ensure that no passwords on their systems, such as routers or any Internet of Things (IoT) devices, are left at the factory default
- Review their passwords on standalone systems at work and at home
- Make passwords unique and ensure they are complex
A significant cyberattack resulting from the conflict will likely break up communications and supply lines. Such attacks are easy, non-kinetic, deniable, and can be launched from anywhere in the world. As a result, cyberattacks could easily interrupt daily operations. As you go about your day-to-day routine, think about what you would do, and prepare, in the event of an attack that might take down your systems.