Mar 25, 2022
Cyberwarfare is a part of a new reality as evidenced by the distributed denial-of-service (DDoS) attacks targeting the websites of the Ukrainian defence ministry, army, and two of the country’s largest banks several days before the Russian invasion. These were the most significant attacks of this kind the country has ever faced, according to government officials.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issuance of a “Shields Up” alert for all organizations, means adopting a “heightened posture when it comes to cybersecurity and protecting their most critical assets.” In an era of cyberwarfare, companies are often the first line of defence against cyberattacks that could cripple critical infrastructure and devastate many other sectors. We are sharing this pertinent reminder for our customers to ensure their employees are up to date on their security awareness.
Some critical points to help your organisation and employees:
- Confirm the authenticity of digital communications, especially if they contain sensitive information. This can be done by reaching out directly to the sender, watching for abnormalities (such as misspellings, strange domain names, etc.), and cross-checking contact information with legitimate websites and records.
- Establish incident reporting mechanisms and don’t penalize employees for being transparent. Companies should incentivize open communication from employees about potential cyberattacks, even in cases where those employees may be at fault.
- Continually inform employees about the risks of working remotely and personal devices. Home networks are often more vulnerable to cyberattacks than office networks. The risks are even greater when employees work in coffee shops, airports, and other public places, which is why they should always use a VPN and understand physical device security.
- Facilitate cooperation between departments and teams. From reporting mechanisms to cybersecurity standards, your approach to data security, incident response, and all other elements of your cyber defences should be integrated across the company.
- Empower your employees to protect themselves and the company. Headlines about Russian cyberwarfare, large-scale breaches, and so on can be demoralizing and intimidating. Companies should remind employees that they have the power to drastically reduce the risk of a successful cyberattack.
Awareness for every end-user at work, home, and school is a critical level of defence that we cannot ignore. If there is anything we can do to share additional insights please don’t hesitate to let us know.