The current situation in Ukraine creates cybersecurity risks for people and businesses worldwide. Here’s what you can do.
The Russian cyber activity that escalated recently as part of Russia’s invasion of Ukraine has put governments and the private sector around the globe on high alert. In an interconnected world where digital technology is embedded in everyday life for people and businesses, cyberattacks create mass-scale disruptions. A geopolitical conflict such as this could have broad cybersecurity implications—and it’s important to protect the people around you, including your family and coworkers, by being prepared.
As U.S. Senator Mark Warner, chair of the Senate Intelligence Committee, wrote on Twitter, the entire “international community” could be at risk from Russia’s actions because cyberattacks don’t know borders, and historical precedents suggest that attacks “could be devastating for individuals, businesses, and entire countries.”
Regardless of your geographic location, current events are a reminder to ensure you’re taking simple steps to reduce the effects of a potential attack on your family or business.
Now you can get Dashlane for the whole family.
With the family password manager, enjoy up to six separate accounts for 75% less than the cost of six individual subscriptions. Easily upgrade from Free, or switch from Premium within 30 days to get your money back.
Cyberattack threats across all sectors and the effect of current events
In the last few years, the pace of cyberattacks has intensified across all industries, affecting consumers and businesses of all sizes. These attacks have disrupted hospitals, endangered people’s lives, and struck deep into the supply chain.
Russia is often at the center of the most sophisticated attacks. Between July 2020 and June 2021, 58% of cyberattacks analyzed by Microsoft originated from Russia (with North Korea a distant second at 23%).
In light of the recent events in Ukraine, the U.S. Cybersecurity & Infrastructure Security Agency (CISA) issued a “Shields Up” alert, warning about potential effects in all regions and recommending heightened security posture for individuals and organizations. “Every organization—large and small—must be prepared to respond to disruptive cyber activity,” CISA stated.
Such activity could affect people and businesses globally in several ways:
- The intertwined nature of today’s networks could create casualties beyond Ukrainian entities that Russia is targeting through cyberattacks.
- Russia may retaliate with cyberattacks against other nations that supported Ukraine.
- Fraudsters of all stripes may initiate scams related to the crisis in Ukraine—for example, sending phishing emails using themes such as crisis updates or humanitarian aid requests.
NotPetya: an illustration
Because the business world and modern supply chains are so interconnected, threats like malware and ransomware can spread quickly and broadly. The NotPetya attack in 2017 was a good example.
NotPetya, which many consider the most devastating global cyberattack in history, wreaked havoc across the world and caused an estimated $10 billion in damages. Security researchers have attributed the attack to Kremlin-backed actors targeting Ukraine, intending to scare entities doing business with the country.
Attackers originally compromised a Ukrainian accounting software firm, inserting malicious code into software updates. The NotPetya malware spread rapidly through networks by exploiting vulnerabilities and using stolen credentials. In the end, the damage was tremendous, hitting businesses worldwide.
What kind of increased activity may be expected?
According to news reports, Russia has vowed to retaliate against nations that impose sanctions against it or have supported Ukraine’s defenses in other ways. CISA’s “Shields Up” warning stated that there were no specific or credible threats to the U.S. Homeland at the time, echoing similar statements from other nations. However, cybersecurity officials and other leaders have emphasized the urgency of being prepared.
The importance of vigilance was echoed at a recent CIO Network Summit event, with one speaker, former White House Chief Information Officer Theresa Payton, quoted by the Wall Street Journal as saying, “During challenging times such as these, the Russian operatives could be using password spraying attacks, recycling passwords from past password data dumps [and] using artificial intelligence” to access corporate networks.
What does this mean for you and your family or business? To prevent falling victim to cyberattacks, you can proactively implement some fundamental practices and habits. Even if this geopolitical tension is temporary, cyberattacks are a permanent threat.
What can you do to boost your protection against cyberattacks?
A layered defense strategy is a best practice for organizations, but even basic measures will provide additional protection. The following tactics that CISA recommends for all individuals also apply to businesses:
- Keep your software up-to-date so it always has the most current security patches. Enable auto-updates when possible.
- Beware of phishing—“think before you click.” Most successful cyberattacks begin with phishing emails (90%, according to CISA). Educate yourself and your family or employees about phishing and how to prevent it.
- Use strong passwords. CISA recommends ideally using a password manager for generating and storing unique passwords.
- Implement multi-factor authentication (MFA) on all accounts that offer it. This provides additional protection if your logins are compromised.
How can Dashlane help?
Dashlane’s password manager helps you create, store, and share strong, unique passwords. Dashlane offers options both for individuals, businesses, and even created a family password manager. Business plans also include personal and business spaces so your team can manage personal and work logins with one tool.
Learn more about securing important accounts with Dashlane by downloading our guide, “Password Playbook for Small Businesses.”