President Joe Biden warned on Monday that the escalating war in Ukraine increases the risks of Russian cyberattacks.

In fact, most in business and government have been operating on the assumption that future attacks are likely, or that cyberattacks could come in response to actions being taken by the United States and its allies in Europe against Russia. Though they have yet to happen, Russian cyberattacks seem likely to occur.

However, the President’s latest warning seems to be less about “potential” and more about “evolving intelligence” that indicates the Russian government is putting together options for cyberattacks.

Biden Administration on Russian Cyberattacks: Something is Stirring

Biden has urged companies to “harden your cyber defenses immediately.”

Deputy National Security Adviser for cyber and emerging technology, Anne Neuberger, said the U.S. government has seen “some preparatory activity” from the Russians. Nothing specific was shared publicly. And according to the administration, there are no known planned attacks on critical infrastructure. 

Right now, this is just another level of warning. A statement that something is stirring. 

Which industries are at risk?

Critical infrastructure is at the highest level of risk of cyberattack and ransomware. If the attacks on Colonial Pipeline and JBS taught us anything, it is that disruption of critical infrastructure and services pays for the attacker. Not only does it disrupt the economy, but it can indirectly put lives in danger and be very costly – both to the target and their supply chain and connected ancillary businesses. This would be a logical counter by Russia and state-sponsored criminal organizations.

What can you do to protect your enterprise?

The best course of action is to not wait for an attack before you take action. Even taking basic steps now to address security vulnerabilities within your organization can add immediate value. 

Here are several things you can do:

  • Make sure your employees revisit their cybersecurity training. A refresher on clearly communicating key internal best practices and security protocols will help bring cyber vigilance and mindset to the forefront. Be sure to emphasize topics such as: 
    • What does an email phishing scam look like? Clicking on links in phishing campaigns is one of the most common ways hackers are able to gain access to networks. It’s best for employees to be aware of what they look like and avoid them.
    • How to secure laptops and other digital assets when working remotely? This is especially important to consider when using public or guest WiFi internet connections or working in public places.
    • How to avoid fake wireless access gateways when working remotely? This is where a hacker will actually create a wireless network that will appear as “Free Public WiFi” or contain the name of a trusted location. If the public WiFi source is unknown, it is best to avoid it – never trust, always verify.
    • What actions to take to further enhance security at the individual level? Frequently update passwords and use more complex and unique passwords that are difficult for hackers to identify. 
  • Apply patches and updates to all software that uses your network. One of the most common ways hackers, including sophisticated and well-financed cybercriminal organizations, gain access to a network is to look at the latest software patches available for businesses and governments and target those vulnerabilities. Most organizations do not implement patches or software updates in a timely manner, and criminals know this. Hence, exploiting known vulnerabilities is less time-consuming and has a high success rate. Shutting down this vulnerability can quickly improve your security and reduce the likelihood of a breach.
  • Conduct a security audit to gain more visibility into your network. With the movement to a remote workforce (and now the movement of that workforce from at-home environments to more public locations), the growth of IoT on the network, and network integration of supply chain partners, chances are high that you do not have total visibility into what applications, devices and workloads are on your network. Conducting an audit, especially one performed by a company that is trained to identify hidden endpoints, will improve your awareness and leave you better able to come up with a plan for enhanced security.
  • Pilot cybersecurity solutions that are being made available for critical infrastructure. Due to the increase in cyberattacks and malware, especially those targeting critical infrastructure, many reputable cybersecurity companies are providing critical and vulnerable industries such as healthcare, energy/utilities, water, and transportation with pilot programs that allow targeted implementation and evaluation of solutions at low-risk terms. This could provide your organization with an opportunity to quickly gain greater network visibility and security that can prevent breaches to critical systems and data.

How can Onclave help businesses and governments?

Onclave Networks provides an integrated network security overlay and dynamic platform based on Zero Trust microsegmentation.

By identifying all endpoints connected to the network, the Onclave TrustedPlatform™ cryptographically separates Operational Technology (OT) and IoT devices from the network through Zero Trust microsegmentation – significantly reducing the overall attack surface of enterprise networks from core to edge.

Continuously monitoring and reassessing trust, the Onclave TrustedPlatform™ isolates and contains unauthorized or malevolent actors – protecting the network from breaches and lateral movement.
