Russia has been criticized for its failure to eradicate Ukrainian defenses within 72 hours, but these failings have led to the activation of a new hacker defense/attack grid, which will not be deactivated.
Thinking back to some of the largest, most destructive ransomware incidents in recent history, you would be challenged to avoid the mention of Russia. NotPetya alone cost over $10 billion in damages, not to mention relegating a significant player in world trade logistics to the use of carbon paper and telephones. The ransomware package effectively bombed Maersk back to the early 20th century for weeks of recovery and billions in damages.
With this in mind, military officials expected cyberwarfare to be a significant part of the Russian attack.
But for whatever reason, it was not. Russia and its allies have attempted to damage Ukrainian computers, in border control offices for example, but their attacks have been relatively inconsequential and unambitious. This lackluster offensive has allowed Ukraine to galvanize resources and report war crimes with actual video footage to the rest of the world.
What has been far more impactful has been the counteroffensive. Mykhailo Fedorov, Ukrainian Prime Minister, has asked for aid from everyone willing to give it. He asked Elon Musk directly to provide Ukraine access to Starlink stations so that Internet access would continue to allow Ukrainians to report war crimes and conditions. Mr. Musk provided access.
Ukraine was also joined by hacker organizations including the group Anonymous.
The group has suggested numerous ways that its 7 million followers can participate in the counteroffensive. One such way used a web app to randomly generate Russian phone numbers so that its followers could use those numbers to bombard Russian civilians with information about the conflict.
On Monday, February 28, some Russian news sites were successfully breached, allowing hacktivists to call for Russia to withdraw from the conflict.
These are significant feats with a large impact on public opinion of the conflict. And although none of these are particularly threatening to any US small business, they are probably raising the likelihood of cyber attacks across the globe.
What can small businesses learn from the escalation of hacktivism?
Although the Russia-Ukraine War is currently providing the global hacktivist community with a focal point for its efforts, which is thankfully not us, there are a few reasons for concern.
- Cyber weapons can easily leak into neighboring systems. NotPetya, for example, also bled into the American pharmaceutical company Merck, took it offline and nearly wiped its system. As the conflict escalates, more deadly cyberweapons could be released, and these could easily reach unintended targets anywhere across the globe.
- Hacktivist communities also provide white noise for the many cybercriminal organizations that are taking advantage of the conflict to develop and launch their own malware.
- The sheer scope of the counteroffensive does demonstrate the potential impact these individuals can have. That potential does not go anywhere after the war ends; it only starts to look for its next target.
We are watching another critical moment in cyber history when global hacker communities, and indeed citizens and leaders at large, recognize their power. While much of this activity might have good intentions, we should all be able to see the potential threat.
How Platte River Networks Protects Our Customers
We strongly recommend an aggressive defense posture. Utilizing Zero Trust principles with progressive software, systems and processes, Platte River Networks performs the following services for its customers.
- Infrastructure and Device Monitoring & Patch Management
- Next Generation Endpoint Security with Detect & Response
- Multi-Factor Authentication
- Managed Threat Detection, Mitigation & Remediation
- Business Class Firewall Monitoring w/ secure VPN access
- Mobile Device Management & Security
- Security Awareness training for your employees
- Email Filtering and Security
- Web DNS/URL Monitoring and Filtering
- Laptop and Desktop Encryption
- Encrypted Backup-Disaster Recovery Monitoring & Management
If you have any questions about the state of your cyber security, please feel free to email david@platteriver.com. We are here to help.