5 Questions Every CSO Should Ask Amidst the Ukraine-Russia Conflict

admin 14th May 2022

Spread the love

The world is facing unprecedented geo-political challenges that are impacting businesses everywhere. Amidst the financial strain brought on Since the conflict began, governments have continued to warn organizations around the world to be on guard for a rise in nation-state sponsored cyber-attacks. On April 20th, the CISA, in collaboration with multiple cybersecurity agencies of other Five Eyes countries, released a joint cybersecurity advisory. The latest advisory, citing evolving intelligence, again warned businesses of potential cyber fallout of the Russia Ukraine conflict and updated the previously released TTPs that cyber defense teams should review.

21st Century Code Wars

Cyber-attacks, as part of Information Operations, are widely considered as the Fifth Dimension of Warfare and is now seen as an extension of nation-states’ military power, given their ability to disrupt critical infrastructure and systems countries rely on, such as its telecommunications, energy and transportation services.

From the earliest example of cyber-attacks against Estonia and Georgia — the use of cyber to gain geo-political advantage is not new. Perhaps the most recent example of this has been between Israel and Iran — a conflict that dates back a decade. One of the most serious incidents involved an attempted attack against an Israeli water facility in which hackers tried to increase chlorine levels into the region’s reservoirs. Hundreds of civilians would have been affected if the attack was successful.

Today, as the conflict in Ukraine continues, Russian state sponsored cyber actors have already deployed large-scale attacks on Ukrainian critical infrastructure. Take for example the attack on Ukrtelecom, the country’s largest national telecommunications. Although the attack was detected quickly, it caused severe internet outages throughout the country where connectivity dropped to 13%.

Navigating a Tumultuous Threat Landscape

Unfortunately, it may only be a matter of time until other nations and businesses outside of conflict boundaries find themselves in the line of fire. Against this backdrop, security leaders everywhere must act with urgency. The CISA Advisory includes specific details about relevant threat actors, their associations, attributed TTPs and comprehensive preventive measures business can take in response to this crisis. However, every business can be at a different point on their respective security maturity journeys, and for many it starts with asking these five simple critical questions:

Is your perimeter continually assessed protected? Be aware of and solve for the challenges presented Even though entities with large EU presence and certain industry verticals like Finance, Oil Gas, Energy Transportation need to be extra vigilant, any cyber-attack is unlikely to adhere to sectoral or other boundaries. If the interdependent nature of supply chain and 3rd party risks has taught us anything, it is that regardless of your industry vertical, you can be a target if your customers operate in these areas. Every security leader needs to make smart preparedness their core focus today and improve their ability to withstand and recover from an attack with minimal business disruption.