June 22, 2022 By Jonathan Reed 2 min read

Cybersecurity authorities from the United States, Australia, Canada, New Zealand and the U.K. recently released a joint Cybersecurity Advisory warning of increased cyber threats related to Russia’s invasion of Ukraine. As per the alert, attacks may occur as a response to the economic costs imposed on Russia as well as material support to Ukraine provided by the United States and U.S. allies and partners.

Given this rising threat, along with other factors, are we facing a perfect storm when it comes to cyberattacks?

Malicious activity coming from Russia

Evolving intelligence indicates the Russian government is exploring options for potential cyberattacks, the alert states. This message follows a recent White House statement warning about attacks coming from Russia that could impact the United States.

Russian state-sponsored cyber operations have included distributed-denial-of-service (DDoS) attacks and malware against the Ukrainian government and critical infrastructure entities. Other reports have pinned data wiper malware on Russian-based threat actors attacking Ukrainian government contractors and financial groups.

The alert also notes that cyber crime groups have publicly pledged support for the Russian government. Russian-aligned cyber gangs have threatened to unleash attacks in reprisal for “perceived cyber offensives against the Russian government or the Russian people,” as per the advisory.

Perfect storm brewing?

Cyber incidents have been surging worldwide. In 2021, ransomware attacks increased by 1,885% against governments worldwide. On top of that, the health care industry faced a 755% increase last year. Given the warning associated with Russia-based threats, could we be on the verge of a perfect storm of cyber incidents? Some other indicators also point towards this possibility.

For example, Malware-as-a-Service has put powerful attack tools in the hands of nearly anyone seeking to inflict damage or demand ransom. Being a cyber criminal has never been cheaper. You can purchase ransomware for as little as $66, or hire a threat actor for $250. You can even get a phishing kit for free on underground forums. As attack kits and services become easier to obtain, a significant rise in incidents could be on the horizon.

Attack mitigation strategies

The CISA alert provides guidelines about how to prepare for a potential wave of cyberattacks. Some of these include:

  • Create, maintain and exercise a cyber incident response and continuity of operations plan
  • Maintain offline (i.e., physically separate) backups of data
  • Implement identity and access management solutions, including restricting where accounts and credentials can be used and using local device credential protection features
  • Use network monitoring tools and host-based logs and monitoring tools, such as an endpoint detection and response tool. This can help identify, detect and investigate activity that may indicate lateral movement by a threat actor or malware.
  • Use an antivirus program that uses heuristics and reputation ratings to check a file’s prevalence and digital signature prior to opening it.

The cybersecurity authorities urge critical infrastructure network security teams to prepare for and mitigate potential cyber threats, such as destructive malware, ransomware, DDoS attacks and cyber espionage. Security officers are called to harden cyber defenses and perform due diligence in identifying indicators of malicious activity.

More from News

Securing critical infrastructure with the carrot and stick

4 min read - It wasn’t long ago that cybersecurity was a fringe topic of interest. Now, headline-making breaches impact large numbers of everyday citizens. Entire cities find themselves under cyberattack. In a short time, cyber has taken an important place in the national discourse. Today, governments, regulatory agencies and companies must work together to confront this growing threat. So how is the federal government bolstering security for critical infrastructure? It looks like they are using a carrot-and-stick approach. Back in March 2022, the…

650,000 cyber jobs are now vacant: How to tackle the risk

4 min read - How far is the United States behind in filing cybersecurity jobs? As per Rep. Andrew Garbarino, R-N.Y., Chairman of the HHS Cybersecurity and Infrastructure Protection Subcommittee, overseas adversaries have a workforce advantage over FBI cyber personnel of 50 to one. His statements were made during a recent subcommittee hearing titled “Growing the National Cybersecurity Talent Pipeline.” Meanwhile, recent CyberSeek data shows over 650,000 cyber jobs to fill nationwide. Given the rising rate of cyberattacks, these numbers are truly alarming. How…

Will data backups save you from ransomware? Think again

4 min read - Backups are an essential part of any solid anti-ransomware strategy. In fact, research shows that the median recovery cost for ransomware victims that used backups is half the cost incurred by those that paid the ransom. But not all data backup approaches are created equal. A separate report found that in 93% of ransomware incidents, threat actors actively target backup repositories. This results in 75% of victims losing at least some of their backups during the attack, and more than…

Should you worry about state-sponsored attacks? Maybe not.

4 min read - More than ever, state-sponsored cyber threats worry security professionals. In fact, nation-state activity alerts increased against critical infrastructure from 20% to 40% from 2021 to 2022, according to a recent Microsoft Digital Defense Report. With the advent of the hybrid war in Ukraine, nation-state actors are launching increasingly sophisticated attacks. But is this the most prominent danger facing companies today? While nation-state-based attacks cannot be ignored, it looks like insider cyber incidents are far more common. In fact, for the…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today