Your Small Business, the Russian Invasion, Cybersecurity Threats and Getting Ready

A week before Russia launched its invasion of Ukraine, the Cybersecurity and Infrastructure Security Agency (CISA) issued a rare cyber warning saying “Shields Up”. The CISA said there are no specific or credible cyber threats to the US homeland at this time. However, it also says, “Every organization — large and small — must be prepared to respond to disruptive cyber activity.”

The Russian invasion and cybersecurity threats

The “Shields Up” warning is aimed at the US private sector, and the deployment is based in part on Russia’s denial-of-service attack on Ukraine by its military. There’s no denying that the cyber threat is very real, but will it impact and target small businesses in any way?

ALSO READ: SBA Announces $3M in Small Business Cybersecurity Grants

While your small business may not be directly threatened, the public and private organizations it relies on to stay operational can. And this is where the term collateral damage comes in. If these organizations are attacked and/or undermined by extension, your small business will suffer. Outside of Russia, there are cybercriminal organizations that have expressed their full support for the Russian government.

These cyber criminals are largely responsible for major hacks and ransomware attacks that take place all over the world. According to Malwarebytes Labs, “If there was ever any doubt that some of the world’s most malicious ransomware groups were affiliated with the Kremlin, this kind of loyalty will put an end to it.” So it is not just state actors such as Russia and its allies that are posing a threat to the digital landscape in which we all live and work.

So, what does all this mean? Simply put, you need to protect your small business 24/7/365 with no days off. The Russian invasion shouldn’t be the only reason you’re going to implement and follow strict cybersecurity protocols.

The Harvard Business Review put it best when it said, “…if you’re only now evaluating your cyber attitude, you’re probably too late. Effective cyber defense is a long game that requires sustained strategic investment, not a last-minute bolt-on.” And this isn’t just for large organizations, it’s for everyone from individuals to freelancers, small businesses and multinational corporations.

Limits

No matter how many steps you take to protect your small business, it won’t pay off if you don’t also incorporate very strict cybersecurity governance that holds everyone in your small business accountable. With that in mind, make sure you have a board like that to protect what you’ve worked so hard on.

When it comes to ransomware, these are the FBI’s recommendations:

Regularly back up data offline, air gap and password protect backups. Ensure that copies of critical data are not accessible for modification or deletion of the system on which the data resides. Implement network segmentation. Implement a recovery plan to maintain and store multiple copies of sensitive or proprietary data and servers in a physically separate, segmented, secure location (ie hard drive, storage device, the cloud). Install updates/patch operating systems, software and firmware as they become available. Use multi-factor authentication whenever possible. Use strong passwords and regularly change passwords for network systems and accounts, implementing the shortest acceptable timeframe for password changes. Avoid reusing passwords for multiple accounts.Disable unused remote access/RDP ports and check remote access/RDP logs.Requires administrator credentials to install software.Check user accounts with administrator privileges and configure access control with least privileges in mind. virus/antimalware software on all hosts. Use only secure networks and avoid using public Wi-Fi networks. Consider installing and using a VPN. Consider adding an email banner to messages that come from outside your organization. Disable hyperlinks in received emails. Focus on cybersecurity awareness and training. Provide regular training to users on information security principles and techniques, as well as common emerging cybersecurity risks and vulnerabilities (i.e., ransomware and phishing scams).

These are recommendations from the CISA

Protective controls and architecture

Deploy application management software to limit the applications and executable code that users can run. Email attachments and files downloaded from links in emails often contain executable code.

Identity & Access Management

Use multi-factor authentication whenever possible, especially for webmail, virtual private networks, and accounts accessing critical systems. Restrict the use of administrator rights. Users who browse the Internet, use email, and run code with administrative privileges are prime targets for spear phishing because their system — once infected — allows attackers to move laterally across the network, gain additional access, and access highly sensitive information.

Phishing Protection

Enable anti-virus and anti-malware software and update signature definitions in a timely manner. Well-maintained antivirus software can prevent the use of common attacker tools delivered via spearphishing. Be wary of unsolicited email or social media contact from people you don’t know personally. Do not click on hyperlinks or open attachments in this communication. Consider adding an email banner to emails received from outside your organization and disabling hyperlinks in emails received. Train users through awareness and simulation to spot and report phishing and social engineering attempts. Identify and block access from user accounts exhibiting unusual activity. Use network device, operating system, application, and email service reputation services. Reputation services can be used to detect or prevent low reputation email addresses, files, URLs, and IP addresses used in spear phishing attacks.

Vulnerability and Configuration Management

Install updates/patch operating systems, software and firmware as updates/patches are available. Prioritize patching known exploited vulnerabilities.

Sources

Small Business Administration – Protect yourself from cybersecurity threats

National Institute of Standards and Technology – Cybersecurity Corner for Small Business

Cybersecurity and Infrastructure Security Agency (CISA) – Cybersecurity Training and Exercises

StopRansomware.gov is a centralized government webpage with ransomware resources and warnings. It provides information and resources to protect yourself and your business from and respond to ransomware

You can get free cyber hygiene services from the CISA to identify and reduce your exposure to threats, including ransomware. You can request the service if your company is part of a critical infrastructure organization, no matter how small your company is. The goal is to find ways to mitigate risk and reduce attack vectors.

The key to securing your small business’s digital presence is strong security protocol, strict governance, and vigilance.

Image: Depositphotos


This post Your Small Business, the Russian Invasion, Cybersecurity Threats and Getting Ready was original published at “https://smallbiztrends.com/2022/03/small-business-cyber-security-threat-russia-ukraine-crisis.html”

Leave a Reply

Your email address will not be published.