How to Prepare Your Business for Cyber Threats During the Russian Invasion of Ukraine

Tensions between Russia and Ukraine continue to escalate, and cyber threats are becoming a more serious problem—not just for companies in both nations, but also for those who offer help.

You might be thinking that there would be no reason for an international cybercriminal to target your SMB. But what about the large corporations that you rely on for business processes—the makers of the software, devices, and platforms you use? Even small businesses need to be on careful watch. 

The U.S. Cybersecurity & Infrastructure Security Agency even recently issued the “Shields Up” warning, saying, “every organization—large and small—must be prepared to respond to disruptive cyber activity.” So what can you do to prepare?

How Could the War Affect Cybersecurity?

In times of war or other international conflict, countries are more likely to become targets of cyberattacks because they are seen as potential weak points that can be exploited to gather intelligence or cause damage.

For example, during the Russian invasion of Ukraine in 2014, several Ukrainian government websites were hacked and taken offline. These included the website of the President of Ukraine, the Ukrainian Parliament, and the Ministry of Foreign Affairs.

Similarly, the 2017 NotPetya cyberattack, which was initially thought to be targeted at Ukraine but was later found to be part of a wider campaign, also caused significant damage to Ukrainian businesses. NotPetya is estimated to have cost Maersk, one of the world’s largest shipping companies, up to $300 million.

So, even if the war feels far away, it takes only one second for a cyberattack to cross thousands of miles and reach your business. 

7 Tips to Protect your SMB from Wartime Cyber Threats

There are several steps you can take to protect your business from cyber threats in the event of a war or other international conflict.

1. Keep your software and operating systems up to date. Regularly back up data, air gap, and password-protect backup copies offline. Ensure copies of critical data are not accessible for modification or deletion from the system where the data resides. This will help to patch any vulnerabilities that could be exploited by attackers.

2. Use strong passwords and two-factor authentication for all accounts. Two-factor authentication makes it significantly harder for attackers to gain access to your systems.

3. Implement a recovery plan. A recovery plan ensures you have multiple copies of sensitive or proprietary data and servers in a physically separate, segmented, secure location (i.e., hard drive, storage device, the cloud).

4. Audit user accounts with administrative privileges. Make sure you configure access controls with least privilege in mind.

5. Only use secure networks and avoid using public Wi-Fi networks. Consider installing and using a VPN if you don’t already have one.

6. Disable unused remote access/RDP ports. You should also monitor remote access/RDP logs and require administrator credentials to install software.

7. Speak to a cybersecurity expert about cybersecurity awareness and training. Regularly provide employees with training on information security principles and techniques as well as overall emerging cybersecurity risks and vulnerabilities (i.e., ransomware and phishing scams). A cybersecurity expert will be able to offer advice on how best to protect your business from cyber threats.

What Would a Cyberattack Look Like? 

During a war, businesses may be targeted by nation-state-sponsored cyberattacks, as well as by attacks from criminal groups and individuals.

Cyberattacks can take many forms, but some common types include:

  • Denial of Service Attacks: These attacks aim to make a system or website unavailable by flooding it with traffic or requests.
  • Malware: This is malicious software that can infect a system and allow an attacker to gain control of it.
  • Phishing: This is a type of social engineering attack that tricks users into revealing sensitive information, such as passwords or bank account details.
  • SQL Injection: This is a type of attack that allows an attacker to execute malicious code on a website or database.

Final Thoughts

By following these tips, you can help to protect your business from cyber threats during times of war.  However, it is important to remember that no security measure is 100% effective all on its own and that cyberattacks can still happen.

If you are concerned about the possibility of a cyberattack, It is important to talk to a cybersecurity expert who can help you understand your risks and what you can do to protect yourself. At AIS, we’ll walk you through everything you need to have maximum cybersecurity. Reach out to us today!

Skip to content