Gone are the days of the typical war scenario. The cannon fodder has since been replaced by cyber influence and online resources that have far more impact in destabilizing governments and increasing fear among its citizens. We’re seeing the effects of this most recently through the tensions between Russia and Ukraine. According to the US government, GRU, a group linked to Russia’s military intelligence agency, originated from distributed denial of service attacks against Ukraine’s ministry of defense and several Ukrainian banks. UK government has since come forward to confirm the USA’s declaration. This has resulted in banks and ATMs being unavailable and the impression that the Ukraine government doesn’t have the capability to protect its citizens.
Russia has been the source of more advanced, impactful, and targeted major attacks in present years, one of the more notable being the attack on the power grid in 2021. These cyberattacks aren’t going away any time soon. This seems to be the new future of warfare against countries. This has prompted the experts at John Hopkins to build an algorithm for predicting cyberattacks between countries. As expected, the tensions between the Russian and Ukrainian governments have maxed out the scoring system for the first time. This tool named CAPI, examines country pairs to define risk scores in 5 categories:
- The presence of an organized cyber team, capable of attack.
- Motivations for attacking targets
- Lack of fear of repercussions
- The presence and impact of a cyberattack being part of the national security strategy
- Technological vulnerabilities in the target country.
Based on this information, CAPI and the John Hopkins team can determine the likelihood of an attack. Presently Russia attacking Ukraine is extremely likely. With Russia’s intentions clear, there is no doubt that attacks will continue against the country.
But what does that mean for countries supporting Ukraine? We have seen significant impact during elections and most recently in 2020, where hundreds of private corporations and government agencies have been impacted by the SolarWinds attacks. Clean-up is still underway, and as expected, motivation for maximum impact as tensions increase will result in further attacks.
Unfortunately, as this happens, private enterprises and non-profits will get caught in the crossfire. Typically, targets are based around public utilities, finance, health, and welfare are targeted although not exclusively. Everyone needs to be prepared for anything that may arise, now more than ever. This is ultimately a risk play. What is your exposure? What is the impact of exploitation? What is the cost of remedy? Etc. Preparation in this space is key. It’s much easier to prevent an infiltration than to clean it up after the fact. A solid foundational security and risk program, combined with active security monitoring, will prepare your organization for most threats that arise.
This is where Compyl thrives. A whole organization solution for information security, risk, compliance, threats, and everything else in between. Understanding the picture is half the battle. Compyl was created in response to the ever-changing landscape organizations will face today and into the future. We establish or enhance an organization’s position with our comprehensive all-in-one automated information security and compliance solution. We uncover the areas of strength and weakness which allow an organization to implement proper prevention strategies proactively. If one thing is sure in today’s world, as an organization scales, they will need to consider their vulnerabilities to protect them against various attacks that can bring their business to a screeching halt.
Learn more about Compyl by clicking here