Russia launched a military attack on Ukraine less than a week ago, and the war now extends to non-military but still strategic fields such as transactional banking, energy, media control (propaganda) including TV, radio and social media, and now cyberattacks.
Cyberwarfare is already real
This week, the Anonymous and Cyber Partisans hacking groups claim to have successfully disrupted several Russian and Belarusian government servers, directly impacting national TV networks, railway stations and banks. The aim of hacking Russian servers is twofold: sabotage, to keep IT engineers busy defending against Western cyberattacks instead of assisting military operations, and espionage, to discover tactical information on Vladimir Putin’s invasion plans. International companies such as Microsoft have also acknowledged helping the Ukrainian government with information on cyberattacks.
Could a cyber war start soon?
Between June 2020 and June 2021, 89% of cyberattacks originated from Russia (58%), North Korea (23%) and China (8%). Governments and NGOs are the most targeted, but 2021 marked an important turn with a huge increase in attacks against IT companies, and 96% of targets are non-critical infrastructures, making any SMB vulnerable. (Read the Digital Defense Report.)
Cyberattacks had already claimed millions of victims before the Russia/Ukraine war. Corporations and SMBs have suffered data hijacking, deletion, or system paralysis due to malware disguised in phishing emails that are ever cleverer and more personalised. The attack on Russia by Anonymous may only increase the volume of attacks on our data and systems.
In anticipation of the harsher cyberattacks we may experience, it is important to take protective measures now or, at the very least, to check that current measures are working as intended.
How to best protect against cyberwar
Backup data and systems onsite and offsite
The 3-2-1 backup strategy has never been more important than it is today!
Storing backups on the network is good but not enough. It is important to have AT LEAST one copy of your backups offsite. It could be on LTO tapes or external hard drives for smaller companies, but we highly recommend keeping a copy of backup files in the Cloud.
How to replicate backups to the Cloud
Copying backup files to a Cloud location can be done with a free tool such as ImageCenter. It gives you the peace of mind of automatically uploading a copy of your backups to the Cloud location of your choice. Should data be deleted, or onsite backups encrypted as a result of a cyberattack, use the Cloud backup chain to restore your company information, settings and data.
Backup physical servers directly to the Cloud
ActiveImage Protector 2022 is an image backup solution that allows you to take an exact-state copy of your machines (desktops and servers). The recently released version also allows you to back up the data directly to the Cloud, without having to keep a copy of backup files onsite or on the network.
This is an alternative solution, although we still recommend you keep several copies of your data on different storage media.
Protect virtual machines
Whether your virtual servers or desktops are hosted on on-premises hypervisors or in a public / hybrid Cloud, ActiveImage Protector allows you to run agentless backups: one installation to back up all VMs at the same time.
Beware of personalised phishing emails and malware
Be prepared for an escalation of cyberattacks via phishing emails
Train your employees to detect fake emails
All emails from unknown contacts must be treated as potentially suspect.
It is also necessary to be careful with emails coming from colleagues asking us to check an external link or download a document when we didn’t request anything, or from the CEO asking finance to make a bank transfer… Any doubt should prompt employees to call the sender to verify that the message was really intended to be sent.
Protect your on-premises email servers ahead of time
Do not rely on employees; implement automated multi-layer filters to protect email servers. Prices start at 1.5€ per mailbox for an efficient email security system that filters all emails through 5 different renowned antivirus engines and a total of 15 types of security filters before they are delivered to employees, deleted, or put into quarantine. TEST IT FREE (it only takes a few minutes to install)
Are you 100% sure of the malware protection offered by your Cloud-based email servers?
Microsoft 365 and Google Workspace both offer cloud-based email services, which include threat removal. But only their premium versions include advanced threat protection! This means that if you do not have the premium versions of Microsoft 365 or Google Workspace, these companies do not filter email attachments or URLs contained in emails, even though these are the highest risk for companies nowadays.
We agree, the Premium versions of these solutions are expensive. So why not check our alternative offering? With our Email Security solution we will filter all your emails before they reach your cloud-based server. All your emails will go through 15 email security filters, including 5 of the top-brand antivirus engines, before they are directed to your cloud-based email service.
Select your Cloud provider
Datacentre security levels are more important than ever
Not all Cloud providers offer the same protection. They do not have the same level of security against cyberattacks, physical threats, or even power outages. What would you do if your data were unavailable because of a power cut? Consider storing backup files and working with hosted services that use at least Tier 3+ datacentres.
Do not put all your eggs in the same basket
Even if you already work with high-profile datacentres, you may want to replicate your data to, or also work in, a competitor’s datacentre… If Microsoft were targeted by a Russian cyberattack, it would be useful to have a copy of your assets in Amazon datacentres, and vice versa.
Password protect it all
We can never say it loudly enough. 123456 is not a password, although it’s used by the majority of people as the password for their logins.
Make sure all your employees use real passwords, at least 12 characters long and different for each login they have. Invest time in telling them about it, and in getting them to also password protect confidential files, as well as backup files. Use a free password generator if you do not know where to start.
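The password rules above, as an added example that is not part of the original article: a Python sketch that audits a constructed set of login/password pairs for length under 12, well-known passwords such as 123456, and reuse across logins, and generates a random replacement. The login names, the short deny-list and the function names are assumptions made for illustration.

```python
import secrets
import string
from collections import defaultdict

MIN_LENGTH = 12  # minimum length recommended in the article
# Tiny illustrative deny-list (assumption); real audits use a much larger one.
COMMON_PASSWORDS = {"123456", "password", "qwerty", "111111"}

def audit_passwords(credentials):
    """Return {login: [problems]} for a mapping of login -> password."""
    findings = defaultdict(list)
    seen = defaultdict(list)  # password -> logins that use it
    for login, password in credentials.items():
        if len(password) < MIN_LENGTH:
            findings[login].append("too short")
        if password.lower() in COMMON_PASSWORDS:
            findings[login].append("common password")
        seen[password].append(login)
    for logins in seen.values():
        if len(logins) > 1:  # same password on more than one login
            for login in logins:
                findings[login].append("reused")
    return dict(findings)

def generate_password(length=16):
    """Random password with at least one letter, digit and symbol (CSPRNG)."""
    if length < MIN_LENGTH:
        raise ValueError(f"length must be at least {MIN_LENGTH}")
    alphabet = string.ascii_letters + string.digits + string.punctuation
    while True:
        candidate = "".join(secrets.choice(alphabet) for _ in range(length))
        if (any(c.isalpha() for c in candidate)
                and any(c.isdigit() for c in candidate)
                and any(c in string.punctuation for c in candidate)):
            return candidate

# Constructed sample data, not real credentials.
SAMPLE = {
    "mail": "123456",
    "vpn": "Tr0ub4dor&3-horse-staple",
    "crm": "Tr0ub4dor&3-horse-staple",
    "backup-console": "k9#Vq2!mZx7@Lp4w",
}

if __name__ == "__main__":
    for login, problems in audit_passwords(SAMPLE).items():
        print(f"{login}: {', '.join(problems)}")
    print("suggested replacement:", generate_password())
```

A check like this belongs at the point where a password is set, since that is the only time the plaintext should be available.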
DDoS is a risk
Distributed Denial of Service (DDoS) attacks increased 52% in the last quarter of 2021. This method of cyberattack has also been used by Russia against Ukrainian websites on 14th of 15th of February, and by Anonymous to take the Russian Stock Exchange down earlier this week.
DDoS is a real weapon of cyberwar and could cause significant damage to many companies.
Conclusion about possible cyberwar
The Anonymous hacker group officially declared cyberwar against Russia this week. Russia has always been one of the countries with the most lethal government-financed cybercriminals.
The probability is high that Russia will retaliate against provocations with a large number of cyberattacks against US and European companies and institutions. It is important for everyone, especially SMBs, to prepare for the eventuality of a cyberwar today. Tomorrow may be too late, or too expensive…