Actu
How Companies Can Prepare for Russian Cyber Attack
March 2022 by Experts
President Biden on Monday warned of Russian cyberattacks against the US. So how should American companies and critical infrastructure operators interpret this most pressing warning yet.
Anne Neuberger, the deputy national security adviser, said yesterday that we’re seeing preparatory activity by the Russians, but “to be clear, there is no intelligence that there will be a cyberattack on critical infrastructure.” Benjamin Maher in his role as Director, Advisory at Security Compass Advisory, reads this as hacking attempts are already increasing, but it’s still too early to know whether this is a setup for a larger attack or a strategic threat for deterrence.
The comment from Ben below that discusses what companies can do to prepare themselves and what approaches they should consider. With over 15 years of cybersecurity experience, Benjamin currently leads the Red Team and OT service lines within Security Compass Advisory, focusing on simulating realistic cyberattacks and securing critical infrastructure against cyber threats. Prior to joining Security Compass Advisory, he was a leader in providing cyber security within the Canadian Air Force, where he developed extensive first-hand experience protecting against both criminal and nation-state cyber threats.
Comment from Benjamin Maher, Director, Advisory at Security Compass Advisory
“I would interpret that to imply that they’re seeing an increase in attempts by Russian actors to breach companies involved in critical infrastructure, this is done in order to gain access and intelligence that the Russian government could potentially leverage for damaging attacks in the future in the form of ransomware or attacks on industrial control systems. What is likely still uncertain, however, is whether the Russians are simply using these attacks as a strategic threat for deterrence or if they’re planning on conducting damaging attacks on the west, which may lead to reprisals or escalation of the current conflict.
I would stress that the recommended actions can’t be taken alone, but have to done together as part of an overall security program. For example, multi-factor authentication on it’s own, while effective, can be bypassed by attackers when combined with social engineering attacks. Of the recommendations, running exercises is one of the most crucial, since a simulated attack using the same tactics as these attackers is really the only way to know whether your defenses are effective without getting hit by a real attack. And it’s a lot cheaper to do this ahead of time, than after suffering from a breach.”
