In February of 2022, Russia initiated a full-scale invasion of Ukraine, marking the first time two well-funded conventional militaries have squared off in decades. Though initially isolated, the years-long conflict between Russia and Ukraine has evolved into a proxy war, igniting simmering tensions between the East and West. Unfortunately for cybersecurity managers throughout the democratic world, the conflict has also increased the risk of Russian cyberattacks. Here's why Microsoft says big organizations need to protect themselves.
Many Russian Cyberattacks Have Already Happened
If you want to predict the future, simply take a look at the past. Cyberattacks are a cost-efficient, effective means of causing an enemy state pain and suffering, and they have long been a major element of post-Soviet military doctrine.
Though Russia has yet to successfully damage meaningful internet infrastructure in the United States, it has frequently interfered with Ukrainian government websites and energy systems. Ukraine blames its enemy for multiple shutdowns of government websites, including that of its foreign intelligence service. Also disproportionately targeted are banks and financial institutions.
Though facing many accusations of digital misdeeds, the Russian government has rarely taken credit for international attacks. Doing so, of course, would yield little benefit. Smaller groups acting in support of their government have not been so cautious, and pro-Russian cells have claimed responsibility for damaging cyber events, including a major airport website shutdown in October 2022.
Propaganda Has Reached Beyond Russia's Borders
Unfortunately, propaganda doesn't just affect individuals living in the country it benefits. Russia's claims that it faces unfair or hypocritical persecution from the West create a compelling narrative for many expatriates and foreigners.
Though most NATO and European nations opposed to the war in Ukraine have implemented strict sanctions and web restrictions, some have found it difficult to police the actions of Russian state-sponsored media outlets in cyberspace.
Since the beginning of the war, content managers at Youtube, Vimeo, and other popular streaming services have tried to crack down on propaganda and state-sponsored messages downplaying the violence in Ukraine, but there are still plenty of published videos that echo Kremlin narratives. Worse, smaller forums and hosting services have become hotbeds of pro-Russian activity, providing safe havens for hackers looking to initiate their own Russian cyberattacks.
The countries in which propaganda has had the most far-reaching effects have been those with the closest ties to the former Soviet Union. Hungary and Slovakia may host more Kremlin-based web articles than anywhere else in Europe. While Slovakia's government supports united sanctions, Hungary's prime minister Viktor Orbán has repeatedly spoken publicly against sanctions and even vetoed a multi-billion dollar aid package to Ukraine.
Germany, Europe's economic powerhouse, hosts as many as six million Russian citizens and immigrants, and some experts are concerned about how this might affect the country's web security. The majority of Germany's citizens appear to support NATO and its cause, but far-right extremists still hold considerable political sway, as recently underscored by a government raid on a large group of coup plotters.
The U.S. Government Has Urged Caution and Countermeasures
According to the U.S. Cybersecurity & Infrastructure Security Agency, cyber warfare poses a significant threat to organizations of all sizes. The agency therefore recommends that any business depending heavily on web infrastructure take precautionary measures. These include:
- Restricting remote access to those who pass multifactor authentication
- Updating all software, including anti-malware protection
- Keeping up to date with security best practices
- Tracking and isolating traffic from Ukrainian sources
- Disabling nonessential ports and protocols
However, according to CISA, even these steps may not be sufficient for web businesses or organizations at particular risk of Russian cyberattacks. To maximize readiness, managers should keep a complete backup of company data and isolate it from other network sources. For those who operate physical machinery, it may be necessary to make sure all equipment can run manually without the input of an internet-connected network.
Impromptu crisis responses rarely run smoothly, so CISA also recommends running crisis drills and lowering risk reporting thresholds. The advice seemingly applies to organizations large enough to host risk management departments, though those with fewer anti-risk means can perform a risk versus cost analysis before implementing costly changes.
Microsoft Has Played a Key Role in Detecting Russian Cyberattacks
The war in Ukraine has been a unique conflict in world history. It is arguably the most visible war in history, and it is the first to feature widespread, experimental drone and artillery strikes. It is also unique in the extent to which private companies have found themselves involved.
Comprehensive sanctions regulations have required that financial institutions and tech giants find and prevent a staggering number of illicit transactions and activities. Among the world's premier tech companies, Microsoft has already detected and reported many cyber threats, including trojan and ransomware attacks on civilian infrastructure.
In an early invasion interview, president Brad Smith noted that while the company is cooperating with NATO and Ukraine, it is a private company, not a governmental or military organization, and it cannot singlehandedly bear the burden of preventing cyber warfare.
You Can Protect Your Business From Russian Cyberattacks
If the possibility of Russian cyberattacks or other security threats worries you, migrating your network to the cloud can keep your data safe and accessible for your team. At Cloudficient, we help our customers migrate seamlessly to Microsoft 365, giving you unprecedented affordability and scalability. To learn more about Cloudficiency, visit our website and get in touch with a representative today.
With unmatched next generation migration technology, Cloudficient is revolutionizing the way businesses retire legacy systems and transform their organization into the cloud. Our business constantly remains focused on client needs and creating product offerings that match them. We provide affordable services that are scalable, fast and seamless.
If you would like to learn more about how to bring Cloudficiency to your migration project, visit our website, or contact us.