March 17, 2022
Whether from foreign governments or rogue individuals, the United States and its citizens are constantly under assault in cyberspace. Russia has long been a particularly troublesome source of attacks, especially in the last year or two. In light of the current tumult in Ukraine, some experts say the worst is yet to come.
As Russia continues its military bombardment of that country, increasingly brazen cyber attacks are also on the rise there. “Hacks launched against Ukrainian infrastructure in recent weeks include massive distributed denial of service attacks against banks that disrupted websites and automated teller machines,” the Wall Street Journal reported. “Online disinformation and psychological operations are targeting civilians.”
In response to economic and technological sanctions by Ukraine’s allies, which include the U.S., Russia is rapidly expanding its nefarious operations. “We’ve seen this before, where malware directed to a certain target gets released in the wild and then takes on a life of its own,” House Intelligence Committee head Adam Schiff said recently. “So we could be the victim of Russian malware that has gone beyond its intended target.”
Hear from the expert
Mishaal Khan, Mindsight’s Cybersecurity Practice Lead and a certified ethical hacker, explained what’s already happening and why companies and individuals should make sure they’re protected from what’s coming. Because it’s not a matter of if, Khan says, but when, where and how.
Mindsight: Is this shaping up to be the most intense Russian cyber onslaught ever?
Mishaal Khan: At this point, we can only predict. I consider Russia in the top 10 most powerful cyber armies in the world. So we are dealing with something big that is now motivated, and they have the capacity and capability to perform these attacks. So why wouldn’t they? Look at history, what has been targeted before. Oil pipelines have been targeted, dams have been targeted. All of this critical infrastructure. And the supply chain has been disrupted. And you cannot stop a hacker who is motivated. The stronger the motivation, the stronger the attack will eventually be. When the motivation is political and for their country, they’ll do whatever it takes. Those are the hackers I would fear most.
Mindsight: In terms of the current Russian cyber attacks, it’s not just well-funded government hackers you’re talking about, right?
Khan: Right. Hacktivists, as we call them, are the ones that can become the most potent and deadly. We think money is their motivation when in fact it’s not, it’s just a byproduct. In some of the cases with ransomware nowadays, the primary goal is to destroy data or just to capture data. It’s not even about the money anymore. They just want to expose privacy.
Mindsight: Have you spoken to clients who are worried about this and want to adopt or enhance protective measures?
Khan: Almost every client I speak with these days is worried, and some of those clients show signs of being attacked on their perimeter through random attacks on their firewalls, increased amounts of phishing emails and malware attempts. They’re definitely worried that they may be next, and they’re now looking into their security infrastructure to see if they’re well protected. But it’s unfortunate that security awareness has to come from the news.
What types of cyber attacks are we most likely to see?
Mindsight: What types of cyber attacks are we most likely to see?
Khan: There are two types of attacks that are going to be ramping up or already have ramped up. One is attacks on organizations and individual user accounts that involve random scanning for weaknesses to exploit. That has been going on forever. But now, because of the situation between Ukraine and Russia, it’s going to happen more all over the world—particularly in the U.S. because of its support for Ukraine. The other type of attack is more targeted against anything and everything that’s considered critical infrastructure. It could be supply chain attacks, nuclear facilities, industrial complexes, electrical grids, water supplies, gas supplies. Anything that disrupts the economy.
Mindsight: How much should we make of the fact that tech giants like Microsoft and Google are helping to root out and combat Russian attacks?
Khan: Between Microsoft and Google, they control a large percentage of almost everyone’s daily activities online. So if they are really taking this seriously, it’s very comforting to know that large organizations are stepping up.
Mindsight: Are most U.S. companies ready to protect themselves from these attacks?
Khan: They’re not, but they should be. It starts with awareness. When the President of the United States said we’re ready to respond to Russia, he was alluding to cyber warfare and he only speaks for the government, not for the private sector. The government does not provide any funding or resources to help the private sector with cyber security, so everyone’s on their own.
Mindsight: At this point, is it too late to do anything meaningful if you’ve been slacking off on security?
Khan: No, it’s never too late. The same too-late argument has been given for decades. But stuff like this has not stopped; it just keeps getting worse and worse. More and more companies have default security measures. New software or new infrastructure gets put into place. So at least that baseline has increased significantly from 10 or 20 years ago, which means we’re better off from a security perspective. But the hackers and adversaries are way ahead of us. If you have not yet been the victim of a cyber attack, it’s not too late for you to start patching your systems and increasing your security posture. Even if you’ve done those things, that doesn’t mean the attacks are going to stop. You need to continue protecting yourself, which does not take a lot of time or resources. At the end of the day, it’s just a mindset and a numbers game. There are still many effective proactive measures (see sidebar) you can take that will protect you going forward.
Proactive Measures to Help Prevent Cyber Attacks
- Vulnerability Scans
- Multi-factor Authentication
- Complex, unique passwords using a password manager
- Patches & Updates
- Security Awareness
- Risk Assessments
Mindsight, a Chicago IT services provider, is an extension of your team. Our culture is built on transparency and trust, and our team is made up of extraordinary people – the kinds of people you would hire. We have one of the largest expert-level engineering teams delivering the full spectrum of IT services and solutions, from cloud to infrastructure, collaboration to contact center. Our customers rely on our thought leadership, responsiveness, and dedication to solving their toughest technology challenges.
About The Expert
Mishaal Khan, Mindsight’s Security Solutions Architect, has been breaking and – thankfully – rebuilding computers for as long as he can remember. As a Certified Ethical Hacker (CEH), CCIE R&S, Security Practitioner, and Certified Social Engineer Pentester, Khan offers insight into the often murky world of cybersecurity. Khan brings a multinational perspective to the business security posture, and he has consulted with SMBs, schools, government institutions, and global enterprises, seeking to spread awareness in security, privacy, and open source intelligence.