Intelligence finds that Russia has initiated cyberwarfare techniques against Ukraine as military engagement escalates. Given the potential for similar attacks on US-based targets, we want to provide an update on what we know so far, and the steps we are taking to ensure the ongoing fidelity of the cybersecurity services we deliver to you for the protection of your business.
What we know so far: Cyberattacks targeting Ukraine
- Malware — New malware dubbed WhisperGate requests ransom payment and destroys files even if the ransom is paid.
- Website Defacement — 70 attempts have been made to deface Ukrainian government websites with 10 being successful.
- Distributed Denial-of-Service (DDoS) attacks — Targets include Ukraine’s armed forces, defense ministry, public radio, and 2 large banks. Several vital services were turned offline, and people were unable to access their bank accounts, use mobile apps, or issue online payments.
- Many suspect a potential attack on the Ukrainian power grid as was executed during the 2015 Russian invasion of Ukraine.
Actions to ensure protection of your business
We are in active communication with all our technology partners to exchange real-time threat intelligence that may impact our operations and are conducting ongoing audits of our infrastructure and processes to ensure defense against possible exploitation from Russian state-sponsored threat actors.
The protection of your business is our number one priority, and we will update and advise you as circumstances necessitate.
In the short term, we recommend the following:
- Remind employees of the role they play in keeping your business secure. For example, employees should actively look out for indicators of a potential business email compromise attack
- Be skeptical—Last-minute changes in wiring instructions or recipient account information must be verified.
- Double check that URL—Ensure the URL in the email is associated with the business it claims to be from.
- Spelling counts—Be alert to misspelled hyperlinks in the actual domain name.
- Be sure users have updated their systems and applications to the latest release which typically includes latest security enhancements.
- Contact our cybersecurity team – at the first sign of trouble. Delays give an opportunity for malware to infect more machines in your network and cause more damage.