The CyberWar to Date
From the onset of war in Ukraine, it was apparent that Russia’s ‘boots on the ground’ approach would be supplemented by a parallel cyber-attack on Ukraine’s digital infrastructure.
Despite Russia’s initial offensive, Ukraine has been able to retaliate through the support of its own cyber activities and the hacktivist collective group Anonymous, with the group declaring war on Russia and calling upon its global following of cyber soldiers to target Russian systems.
This call to online arms, seems to have paid dividends for Ukraine, as last week Anonymous took credit for hacks on several Russian government websites and media outlets, with Russian TV channels being made to play Ukrainian music and show uncensored news coverage of the conflict in Ukraine.
Additionally, the group has been able to access and publish Russian Department of Defence data, emails from Belarusian weapons manufacturer Tetraedr and data from the Russian Nuclear Institute. Moreover, Anonymous have warned that if tensions continue to worsen in Ukraine, they will take industrial control systems hostage.
The group reported the first of these more significant attacks on Friday when Network Battalion 65, a group affiliated with Anonymous, posted a tweet claiming to show server information for the Russian space agency. The group tweeted that they had downloaded and deleted confidential files related to the space agency's satellite imaging and Vehicle Monitoring System. However, these claims were quickly dismissed by the Russian government, with Director General Dmitry Rogozin adding that Russia would treat any hacking of its satellites as a justification for war.
Implications for the World
On the surface, this may appear to be cyber warfare between the Ukraine and Russia, but it is quickly becoming an online battle between Russia and the western allies.
Reports today suggest that Russia has begun a cyberwar against the U.S. in retaliation to recent sanctions targeting the Russian banking system and other major industries. This sentiment is echoed in the UK with Jeremy Fleming, GCHQ Director, reportedly taking steps to brief UK businesses on strengthening their cyber security efforts in light of an ongoing cyberwar.
The U.S also appears to have prepared for this outcome, with The New York Post reporting, that the President’s administration had been working with bank and other major industry executives to prepare for cyber-attacks.
Cyberattacks on major banks and businesses are not a new occurrence, with these organisations being constantly under threat from cybercriminals, but this online warfare is likely to intensify, affecting a far wider range of organisations. Therefore, it is vital that businesses of all sizes are taking measures to ensure the security of their online presence and the data that they hold.
Preventive Measures
The attacks already carried out by the Ukraine, Russia, and Anonymous illustrate how even the most sophisticated of security systems can be infiltrated to create significant damage. However, it is still crucial that preventive measures are undertaken to make infiltrating your security system significantly more difficult for cyber attackers and ensure that as a business you are prepared to deal with such attacks.
1. Make sure your domains are in your domain – Undertake a domain audit to ensure that all domains related to your brand are under the companies control and are centralized with one provider, ensuring that any issues that arise can be dealt with swiftly and effectively.
2. Conduct a cyber security audit – Conduct a general audit on your security infrastructure to assess how well your current system would hold up against a cyber-attack.
3. Create a cyber security plan – Create a clear plan that can be used should your organization face a cyber-attack, enabling you to undertake quick and effective steps to secure your business and get back to standard practise as quickly as possible.
4. Conduct cyber security staff training – Cyber attackers will look for any loophole in your online security to enable them to undertake an attack. This could mean targeting employees as well as the business. Therefore, it is critical that all employees are trained to stay safe online and what to do should they believe they have been targeted.
Should you want any help or advice about protecting your brand online, please reach out to our brand protection team.
Lexsynergy stands with the people of Ukraine.