Key considerations to sustain cyber resilience amid the charged political climate
The current cyber threat situation
The ongoing conflict in Ukraine has been accompanied by a significant increase in global cyber threat activity, particularly within Ukraine and the surrounding regions. There continue to be observations and reports of full-spectrum malicious cyber actions, including data destruction, denial of service, intelligence gathering, in addition to misinformation and disinformation campaigns.
Most of the observed and reported activities appear to be directly related to Russian actions against Ukraine, while other activities may result from threat actors leveraging the situation to increase their attacks globally.
A historic global cyber crisis is a call to action for Canadian organizations to accelerate the adoption of contemporary cyber security and risk management practices.
Potential targets of cyber activity
The proliferation of such threats expands its reach to harm business within the affected region and beyond. Some of the projections on the potentially aimed entities include:
Geographic targets: Cyber activities are at their highest within and immediately around the conflict zone. Entities with interests in the region are at higher risk of intentional or unintentional cyber effects.
Affiliation targets: Governments and entities in the Group of Seven (G-7) and European countries implicated in applying sanctions against Russia are at a higher risk of retaliation in terms of cyber attacks and disruption.
Industry targets: Critical infrastructure, financial services, energy, defense, and logistics sectors are at particular risk of targeted and untargeted or spillover of malicious cyber actions due to the increasing threat activity.
Influence targets: Fabricated events to create the appearance of a threat in order to disturb, deceive, distract, and otherwise influence human behavior, beliefs, and opinions.
Preparation is key to achieving cyber resilience
Cyber criminals will go to great lengths to attack your organization. Preventing cyber attacks begins with preparedness, and one must be ready and armed to anticipate and defend against it. Here are four key preparation steps to manage cyber risks effectively:
- Identify: Stay informed about the latest updates on targeted sectors, specific cyber activities, and review your own security posture to identify any gaps and risks.
- Detect: Review indicators from intelligence sources and inform your threat hunting capability to look for specific techniques, tactics, and procedures.
- Protect: Build a threat profile and identify vulnerabilities to determine your level of risk then mitigate the risks by patching critical systems and public-facing assets.
- Respond: Ensure your incident response plans and business continuity plans are documented and test your response plans, processes, and procedures.
While uncertainty remains about the extent of cyber threats and the damage they can inflict, it is vital for organizations to take precautionary steps now to mitigate any harm and prioritize modern cybersecurity practices sooner than later.
For more information, contact:
Rob Philpotts, Director, Cyber Threat Management and Response
Andrei Lazaroff, Manager, Cyber Threat Management and Response
Mohammad Amr Khan, Senior Consultant, Cyber Threat Management and Response