Our thoughts are with all those impacted by the Russia-Ukraine crisis. We hope for a swift and peaceful resolution to this conflict. As we see increased tension, we are encouraging customers to take stock of their current posture and prepare for increased defense posture. As we saw with malware such as notpeya, an attack on another entity could eventually hit everyone.
Cyberwarfare can take on many different faces. Some attacks are very subtle, and some are not. Cyberterrorism aims to reduce stability and erode confidence, while spreading mis- and disinformation. Cyberattacks can systemically “take down” foundational services like core banking, Federal/State/Local government, and critical infrastructure. There is no “good time” to prepare for an incident; that time is now.
At the very least, we suggest you review your posture compared to the NIST Cybersecurity Framework Core (NIST CSF). You may fall under other regulatory or similar constraints, which you should use instead. Please review and your risk and prepare your organization. WTG is strongly encouraging all organizations to secure an incident response retainer, with that IR provided listed as a “non-panel” provider in the organization’s cyber insurance policy. If you would like further and more specific guidance, please contact WTG.
Here are some links from our partners:
Arctic Wolf: Preparing for Security Incidents Related to Russia’s Attack on Ukraine
CrowdStrike: Lessons Learned From Successive Use of Offensive Cyber Operations Against Ukraine and What May Be Next
Secureworks: Russia-Ukraine Crisis
Fortinet: Ukraine Crisis Resource Center
Cisco Talos: Current executive guidance for ongoing cyberattacks in Ukraine