SpartanTec, Inc. Wilmington: Do Not Panic About The Russian Cyberthreat

European and US IT security teams should be aware of the possibility that cyberthreat from Russia could target their systems over the next weeks. However, this is not the time to panic. Instead, a rational and level-headed response should prevail.

This is what cyber community analysts and pros have concluded in response to the escalation of tensions between Russia and the US over Ukraine and the very real possibility of an outbreak of war in Eastern Europe. Any such incident will undoubtedly draw in allies of NATO.

This comes just a few days after the US Department of Homeland Security (DHS), warned law enforcement agencies across America of the potential for destructive cyberattacks from Russia-backed advanced persistent threats (APT) actors.

Russian Cyberthreat: A lot of caution

Cybereason’s director of IT security strategy, Ken Westin, stated that the likelihood of a Russian cyberattack right now is low. However, if an agency like the DHS knew of a threat but failed to notify people it could face a backlash. This is why there is a need for a lot of caution.

However, Westin said that the uncertainty surrounding the intentions and capabilities Russia’s offensive cyber team was making it stressful for everyone.

It is better to be safe than sorry in this world of constant cyberattacks and zero-day exploits. It’s better to assume that you are a target than to have strategies in place to match the capabilities of your adversaries. Resilience means being able to plan and exercise your capabilities in order to minimize all possible risks.

New rules

Cyberwarfare is a topic that has been discussed for many years. Many security experts agree that the West has been engaged in a low-level war with Russia for some time. However, escalating the Ukraine crisis into open conflict (a “kinetic war”) accompanied by cyberattacks of this magnitude would be a global first.

The DHS warns that there is a possibility that the threat profile has changed, and organizations should be ready for any changes in the types or attack they see.

Organizations should not be surprised by this alert and asked what they could do differently. An alert like this does not magically eliminate the obstacles to organizations implementing security controls. Cyber security requires constant defense. A DHS alert doesn’t add staff or budget for most companies.

Roger Grimes, a defense evangelist at KnowBe4, stated that he believed it was “fairly normal” for cyber attacks and kinetic battles to be accompanied by them, but that it was possible to target entities other than the government or government-linked contractors or suppliers was likely new.

He said that Russia had made this equation much more complicated in the last year. “Nation-state attack are on the rise and targeting organizations without any direct government affiliation. Everybody seems to be a fair target these day.” This includes small and medium sized businesses.

Grimes believed that the current state of affairs was a major moment of change in the world. He suggested that this could be permanent, even without any kind of Geneva Convention-style agreement for the control of such activities.

He stated, “Right now it is doing whatever you want with almost no impunity, with low risks.” “We live in a dangerous and risky period because no one can predict what the reaction will be if either side goes too far.

Click here for a FREE EXECUTIVE REPORT

The Cyber Security Crisis: Urgent And Critical Protections. We Are Urging All Clients To Have In Place NOW To Protect Their Bank Accounts, Client Data, Confidential Information And Reputation From being hacked.