Over the past few weeks, the number one question we've received has been: "Is Russia/Ukraine going to hack us all??" It's a good question and a very valid concern for today's businesses, many of which rely on the globally connected internet and the cloud services which reside there.
So, is Russia/Ukraine/China/etc. going to hack us all?
First, we'll start with the current state of things. Thus far, attacks from both of the conflicting nations have largely been directed at each other with Russia taking the brunt of the hits. Nation-state level cyber activity from/against other nations hasn't really changed all that much. In other words, things have been surprisingly quiet.
That said, looking at the current geopolitical landscape, nobody should be resting on their laurels or assuming things won't escalate. So what exactly should businesses be doing? Well, that depends on a few things:
Are you actually in Russia/Ukraine?
If so, it's time to secure all the things. If not...
Are you currently doing business in Russia/Ukraine?
If you have a physical presence in either country then you should be working towards segmenting your networks on a national scale (something we recommend you do anyway) and monitoring for unusual activity across those network boundaries. If you don't have a physical presence but do business internationally, ensuring things like email security are up to snuff becomes the priority.
Is your business currently none of the above?
If your business is none of the above, and you're not a defense contractor or in public utilities, then do the following: Take a deep breath and calm down. There's nothing extra you will need to worry about doing right now that you shouldn't already be doing. Adhering to current cybersecurity best practices like CIS Critical Security Controls (which are the basis of our continuously-evolving security framework) is something all businesses should be working towards.
If you're not yet focusing on these practices, then the absolute minimum you should be doing is Basic Security Hygiene. Things like:
- Using unique passwords for your own and employee logins
- Using Multi-Factor Authentication wherever possible
- Patching/updating all of your systems
- Not allowing unknown devices into your network
will go a long way toward protecting your business, not just from nation-state attacks but from any sort of attack, as detailed in our previous article on who the bad guys are.
Predicting the road ahead
Unfortunately, I would be lying if I said I or anyone else knows exactly how things are going to play out in the future. Anything said currently about what will or will not happen is pure speculation. As a result, it's important to focus on what you can control in your company and ensure it can stay as resilient as possible. If you or anyone you know needs help doing it, we're here to help. Just give us a shout anytime.