russian-hacker-protection

24 Feb 2022

The growing crisis between Ukraine and Russia may seem a world away for most US businesses, but government agencies caution that cyber threats may be closer than you think.

On Tuesday, February 22, just moments after President Biden announced new sanctions on Russian banks and elites in response to Putin’s decision to send troops to two breakaway regions in Ukraine, senior FBI cyber official David Ring advised, in a phone briefing to private executives and state and local officials, to be on heightened alert for ransomware attacks.

This latest phone call was just one in a series of briefings over the past few months held by the FBI and the Department of Homeland Security for US companies and local governments as tension has mounted between the US and Russia over Ukraine. Russia is well known as a “permissive operating environment” for cybercriminals (in Ring’s words), and past experience has shown that Russian hackers are all too willing to go after critical US infrastructure.

In fact, it was just under a year ago that the Russian-based DarkSide Group hit the Colonial Pipeline with a major ransomware attack which subsequently shut down fuel deliveries on the East Coast.

This high-profile attack highlights the threat that ransomware poses to vital services, our economy and our national security. While Russian officials have teased at the possibility of cracking down on the groups that operate with relative impunity from their country, it’s unlikely they’ll be reining in their hackers, especially in this atmosphere of growing friction with the West.

And what does that mean to you?

It means that it’s up to US businesses to be vigilant and protect themselves.

A Cybercrime Offensive

While US officials have said there are no “specific, credible” threats to the US homeland related to the situation in the Ukraine at this time, they have tied cyberattacks to the Russian military strategy in the region. Ukrainian government and banking websites have come under cyberattacks believed to be sponsored— if not actually conducted—by Russia. Should the conflict grow, transportation networks and broadcast media are likely to be key targets for future cyber warfare.

Whether attacks might be intended as retaliation for escalating sanctions or to sow confusion among Ukraine’s allies, US organizations can’t afford to ignore the fact that they may unwittingly end up on the digital front lines of a new style of conflict. If you haven’t already taken steps to reinforce your cybersecurity, it’s past time to start.

Cybersecurity Advisory

On January 11, the Cybersecurity and Infrastructure Security Agency, the Federal Bureau of Investigation, and the National Security Agency issued an advisory to raise awareness of common threats used by Russian hackers against business systems. According to the document, “Russian state-sponsored advanced persistent threat (APT) actors have used common but effective tactics—including spearphishing, brute force, and exploiting known vulnerabilities against accounts and networks with weak security—to gain initial access to target networks.”

Tactics include (but are, of course, not limited to):

  • Stealing credentials to gain access through existing accounts, guessing passwords
  • Exploiting vulnerabilities
  • Deploying malware

The agencies issuing the advisory caution that, in response to the increased risk of cyberattack, organizations should enhance their cybersecurity posture and conduct proactive threat hunting.

Among recommended actions are:

  • Implementing robust log collection and retention
  • Increasing your organization’s ability to investigate incidents and detect unusual behavior in the network
  • Monitoring suspicious activity that can signal infiltration by hackers
  • Having a robust incident response plan in place to mitigate damage

Forewarned Is Forearmed

If you’re not 100% sure that the protections you currently have in place meet the standards recommended by US intelligence and cybersecurity agencies recommend, then they probably don’t.

The worst way to find out that your policies and procedures aren’t getting the job done is when you’re on the wrong end of a ransomware or malware attack. Petronella Technology Group (PTG) can assess the current state of your cybersecurity posture and help you get the right safeguards in place to keep your operations and data secure.

In a world of evolving cybersecurity threats, PTG keeps you a step ahead of disaster. To find out how we can help protect you and your business, contact us here today.

Schedule an Appointment

Schedule an Appointment

    Our clients are awesome!

    Based on 55 reviews.
    Jeremy Richards
    Jeremy Richards
    2020-03-13
    Petronella provides great advanced digital marketing and automation solutions for my business!
    Kate Swenson
    Kate Swenson
    2020-02-14
    Highly recommended for CMMC certification assistance! Excellent and affordable options for secure data hosting on local infrastructure. 5 stars!
    Tom Matzen
    Tom Matzen
    2020-01-25
    Petronella Technology Group helped us setup our sales and marketing automation, cybersecurity and compliance for our new Blockchain startup. Great to work with! Craig in particular really knows his stuff, can translate into non-tech speak, and has wisdom beyond his years. Highly recommend them.
    Justin Summers
    Justin Summers
    2020-01-14
    Craig is awesome! He is very professional and efficient with his work. I would definitely recommend Petronella Technology to anyone who needs state of the art service.
    Blake Rea
    Blake Rea
    2020-01-14
    Craig is an expert in his field. Impressed by his knowledge, A true pioneer in Cybersecurity. My business is safer thanks to Petronella Tech!
    Robert Friedman
    Robert Friedman
    2020-01-10
    For the last five years Craig has been the Contributing Editor for Cybersecurity for NC Triangle Attorney Law Magazine which I publish. His base of knowledge is always leading edge, pragmatic and early to understand for our readers who are not techies. He is patient and easy to work with.
    Tammy Everett
    Tammy Everett
    2020-01-10
    Craig Petronella, CEO of Petronella Technology Group provided the members of the Defense Alliance of North Carolina expert advice on cybersecurity and NIST compliance. Eye opening experience! Thanks so much!
    Julie Brown
    Julie Brown
    2020-01-09
    Craig and the Petronella Technology Group, Inc. team made HIPAA compliance for my small practice so simple and easy! They helped me with all of my HIPAA training, HIPAA Security Risk Assessment, Penetration Test, and HIPAA secure hosting so I can rest easy.
    Pivot Point
    Pivot Point
    2020-01-03
    Petronella Technology Group helped us with our marketing strategy for our new web startup. Awesome experience!!!!
    Richard Brunet
    Richard Brunet
    2019-12-30

    SCHEDULE AN APPOINTMENT

    Make It Happen Now

    CLIENT SUPPORT

    Don't Feel Stranded

    CONSULTATION

    Get Best Advice

    PAYMENTS

    Make A Payment

    Top