Cybersecurity authorities from the United States, Australia, Canada, New Zealand and the U.K. recently released a joint Cybersecurity Advisory warning of increased cyber threats related to Russia’s invasion of Ukraine. As per the alert, attacks may occur as a response to the economic costs imposed on Russia as well as material support to Ukraine provided by the United States and U.S. allies and partners.

Given this rising threat, along with other factors, are we facing a perfect storm when it comes to cyberattacks?

Malicious Activity Coming from Russia

Evolving intelligence indicates the Russian government is exploring options for potential cyberattacks, the alert states. This message follows a recent White House statement warning about attacks coming from Russia that could impact the United States.

Russian state-sponsored cyber operations have included distributed-denial-of-service (DDoS) attacks and malware against the Ukrainian government and critical infrastructure entities. Other reports have pinned data wiper malware on Russian-based threat actors attacking Ukrainian government contractors and financial groups.

The alert also notes that cyber crime groups have publicly pledged support for the Russian government. Russian-aligned cyber gangs have threatened to unleash attacks in reprisal for “perceived cyber offensives against the Russian government or the Russian people,” as per the advisory.

Perfect Storm Brewing?

Cyber incidents have been surging worldwide. In 2021, ransomware attacks increased by 1,885% against governments worldwide. On top of that, the health care industry faced a 755% increase last year. Given the warning associated with Russia-based threats, could we be on the verge of a perfect storm of cyber incidents? Some other indicators also point towards this possibility.

For example, Malware-as-a-Service has put powerful attack tools in the hands of nearly anyone seeking to inflict damage or demand ransom. Being a cyber criminal has never been cheaper. You can purchase ransomware for as little as $66, or hire a threat actor for $250. You can even get a phishing kit for free on underground forums. As attack kits and services become easier to obtain, a significant rise in incidents could be on the horizon.

Attack Mitigation Strategies

The CISA alert provides guidelines about how to prepare for a potential wave of cyberattacks. Some of these include:

  • Create, maintain and exercise a cyber incident response and continuity of operations plan
  • Maintain offline (i.e., physically separate) backups of data
  • Implement identity and access management solutions, including restricting where accounts and credentials can be used and using local device credential protection features
  • Use network monitoring tools and host-based logs and monitoring tools, such as an endpoint detection and response tool. This can help identify, detect and investigate activity that may indicate lateral movement by a threat actor or malware.
  • Use an antivirus program that uses heuristics and reputation ratings to check a file’s prevalence and digital signature prior to opening it.

The cybersecurity authorities urge critical infrastructure network security teams to prepare for and mitigate potential cyber threats, such as destructive malware, ransomware, DDoS attacks and cyber espionage. Security officers are called to harden cyber defenses and perform due diligence in identifying indicators of malicious activity.

More from News

The White House on Quantum Encryption and IoT Labels

A recent White House Fact Sheet outlined the current and future U.S. cybersecurity priorities. While most of the topics covered were in line with expectations, others drew more attention. The emphasis on critical infrastructure protection is clearly a top national priority. However, the plan is to create a labeling system for IoT devices, identifying the ones with the highest cybersecurity standards. Few expected that news. The topic of quantum-resistant encryption reveals that such concerns may become a reality sooner than…

Malware-as-a-Service Flaunts Its Tally of Users and Victims

As time passes, the security landscape keeps getting stranger and scarier. How long did the “not if, but when” mentality towards cyberattacks last — a few years, maybe? Now, security pros think in terms of how often will their organization be attacked and at what cost. Or they consider how the difference between legitimate Software-as-a-Service (SaaS) brands and Malware-as-a-Service (MaaS) gangs keeps getting blurrier. MaaS operators provide web-based services, slick UX, tiered subscriptions, newsletters and Telegram channels that keep users…

New Survey Shows Burnout May Lead to Attrition

For many organizations and the cybersecurity industry as a whole, improving retention and reducing the skills gap is a top priority. Mimecast’s The State of Ransomware Readiness 2022: Reducing the Personal and Business Cost points to another growing concern — burnout that leads to attrition. Without skilled employees, organizations cannot protect their data and infrastructure from increasing cybersecurity attacks. According to Mimecast’s report, 77% of cybersecurity leaders say the number of cyberattacks against their company has increased or stayed the…

Alleged FBI Database Breach Exposes Agents and InfraGard

Recently the feds suffered a big hack, not once, but twice. First, the FBI-run InfraGard program suffered a breach. InfraGard aims to strengthen partnerships with the private sector to share information about cyber and physical threats. That organization experienced a major breach in early December, according to a KrebsOnSecurity report. Allegedly, the InfraGard database — containing contact information of over 80,000 members — appeared up for sale on a cyber crime forum. Also, the hackers have reportedly been communicating with…