The Russia-Ukraine War Has Clear Cyber Security Implications for Your Organization

Kenneth A. Bouche

The Russian invasion of Ukraine has escalated the threat of Russian state-sponsored cybercrime worldwide.

With heavy economic sanctions being levied against Moscow by Western allies, officials fear broader cyberattacks could occur in retaliation for these measures or other moves supporting Ukraine. Governments and intelligence agencies have warned that nearly all organizations are at risk from Russian cyberthreats, whether state-sponsored or led by criminal organizations.

Although malicious actors may strike at any institution, they are most likely to target supply chain and financial institutions due to their impact on the American economy. Sectors at risk include defense and critical infrastructure (e.g., utilities, manufacturing, healthcare, energy, food supply), financial institutions, retail companies, technology firms, and cryptocurrency exchanges.

An Unpredictable Cyberthreat Environment

Business leaders, CISOs, and security operations personnel need to be concerned not only with hackers penetrating their defenses on behalf of the Russian state but also with criminal elements taking advantage of the current tumult to line their pockets.

Ransomware attacks have become rampant in recent years, with Russian hackers playing a prominent role. In their most recent Crypto Crime Report, Chainalysis reported that approximately 74% of 2021’s ransomware revenue, over $400 million, went to attackers who were highly likely to be affiliated with Russia.

In 2020, Russian hackers carried out perhaps the largest and most sophisticated cyberattack in history by breaching 18,000 computer networks through malware inserted into a software update for a SolarWinds product. The breach allowed hackers access to top-level communications from thousands of private companies and government agencies, including the U.S. Departments of Justice, State, Treasury, Energy, and Commerce.

Expect an Attack, Strengthen Your Defenses

With Russian cyberattacks becoming increasingly common over the last 15 years, businesses should expect an attack in the near future and be prepared to defend themselves. Such an attack could be retaliatory, or it could occur simply because the bad actor finds the timing of the Russian invasion advantageous. Organizations can use the following strategies to help secure their systems against a cyberattack.

  • Patch vulnerabilities! The vast majority (99.7%) of vulnerabilities identified in CISA’s Known Exploited Vulnerabilities Catalog can be patched. Prioritize patching by common attack vectors. Then configure updates and manually patch where necessary. Scan for CISA’s Known Exploited Vulnerabilities and repeat regularly.
  • Closely monitor logs by checking for patterns and outliers. Investing in a Security Information and Event Management (SIEM) solution can provide valuable insights into what is going on inside of a network.
  • Control web traffic through firewalls, web content control and DNS content filtering.
  • Secure your applications, including cloud applications and accounts. Multi-factor authentication is the most important safeguard a user can implement.
  • Back up your systems and test your backups! A backup that hasn’t been tested is just an expensive doorstop.
  • Manage the human element. This is inevitably the most difficult task. A study by IBM showed human error to be a primary factor in up to 95% of all cybersecurity breaches. Proper user training is imperative in the fight against cybercrime. Mandating password changes using unique passwords, setting account lock-out protocols and performing social engineering tests are critical.
  • Utilize a cybersecurity framework. ISO 27001, NIST 800-53, CIS Controls Framework, or the new Cybersecurity Maturity Model Certification (CMMC) will provide a repeatable and known set of standards to build policies, procedures, and practices to ensure reliable results.
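
One way to run the "scan for CISA's Known Exploited Vulnerabilities and repeat regularly" step from the first item, as an added example that is not part of the original post: it matches scanner findings against a KEV catalog excerpt and orders what to patch first. The catalog entries, placeholder CVE ids, host names and findings are constructed; the field names follow the public KEV JSON feed, and the ordering rule is an assumption.

```python
import json
from datetime import date

# Constructed excerpt in the shape of CISA's KEV JSON feed (placeholder CVE ids).
KEV_JSON = """
{"vulnerabilities": [
  {"cveID": "CVE-0000-0001", "vendorProject": "ExampleVPN", "product": "Gateway",
   "dueDate": "2022-03-17", "knownRansomwareCampaignUse": "Known"},
  {"cveID": "CVE-0000-0002", "vendorProject": "ExampleMail", "product": "Server",
   "dueDate": "2022-04-05", "knownRansomwareCampaignUse": "Unknown"},
  {"cveID": "CVE-0000-0003", "vendorProject": "ExampleCMS", "product": "Core",
   "dueDate": "2022-03-01", "knownRansomwareCampaignUse": "Unknown"}
]}
"""

# Constructed vulnerability-scanner output: (host, CVE id, internet-facing?).
FINDINGS = [
    ("mail01", "CVE-0000-0002", False),
    ("vpn-edge", "CVE-0000-0001", True),
    ("intranet", "CVE-0000-0099", False),   # not in KEV: normal patch cycle
    ("www", "CVE-0000-0003", True),
    ("vpn-edge", "cve-0000-0001", True),    # duplicate with different case
]

def prioritize(kev_json, findings, today):
    """Return KEV-listed findings, most urgent first."""
    kev = {v["cveID"].upper(): v for v in json.loads(kev_json)["vulnerabilities"]}
    seen, queue = set(), []
    for host, cve, exposed in findings:
        key = (host, cve.upper())
        entry = kev.get(key[1])
        if entry is None or key in seen:
            continue                         # not actively exploited, or a repeat
        seen.add(key)
        due = date.fromisoformat(entry["dueDate"])
        queue.append({
            "host": host, "cve": key[1], "exposed": exposed,
            "ransomware": entry["knownRansomwareCampaignUse"] == "Known",
            "days_overdue": (today - due).days,
        })
    # Exposed hosts first (common attack vector), then ransomware use, then lateness.
    queue.sort(key=lambda f: (not f["exposed"], not f["ransomware"], -f["days_overdue"]))
    return queue

if __name__ == "__main__":
    for f in prioritize(KEV_JSON, FINDINGS, date(2022, 3, 20)):
        print(f)
```

Run on a schedule against a fresh copy of the catalog, the same function covers the "repeat regularly" part; a negative `days_overdue` means the remediation due date has not yet passed.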

Do Your Part to Prevent Cyberattacks

As security professionals work to safeguard their enterprise, each of us can take steps to protect our own devices and data. As individuals, we can ensure our devices are up-to-date, be mindful of suspicious email, use multi-factor authentication and avoid reusing the same password. By taking protective measures now, future mitigation steps will be less painful and perhaps unnecessary.

About the author

Kenneth A. Bouche
Ken Bouche has established a career as an executive leader and senior advisor at the forefront of applying best practices in management and government
