Cyber Alert: How to Prepare for Cybersecurity Risks Associated with the Russia-Ukraine Crisis
As Ukrainian cities face attack from Russian forces, the country continues to suffer from an ongoing campaign of cyber threats. With full-scale invasion now seemingly imminent, Ukraine, along with allied forces, can expect to face more cyber attacks, likely targeted at critical infrastructure.
This week, Ukraine has been hit by even more cyber attacks, with its government referencing them as the most sophisticated to date. Several Ukrainian banks and government departments were unable to access critical websites, a result of Distributed Denial of Service (DDoS) attacks designed to knock websites offline by flooding them with requests until they crash. According to BBC News, while recovery was rapid, likely due to cyber preparedness, Ukrainian organizations remain apprehensive as new "wiper" malware have been flagged on hundreds of machines throughout the country.
As of Tuesday, February 24, 2022, President Biden announced new sanctions on Russia, prompting cyber officials from the Federal Bureau of Investigation (FBI) to ask U.S. businesses and local governments to be mindful of the potential for ransomware attacks as the crisis deepens.
Next Steps for Industry Leaders
Organizations responsible for providing oil, natural gas and electricity to the public are all potential targets for Russian-based attacks. Leaders in these industries, including CEOs and executives, are warned to prepare for an imminent attack focused on disrupting the flow of oil, gas and reliable electricity. Leaders in the oil, gas and electricity space are being called to work with both their Information Technology (IT) and Operational Technology (OT) teams to take several actions, including:
- Ensuring membership in the appropriate Information Sharing and Analysis Center (ISAC)
- Practicing response procedures
- Immediately reporting all attempted or confirmed cyber intrusions to their respective ISAC, Chief Information Security Officer (CISO), Department of Energy (DOE) or the Federal Bureau of Investigation (FBI)
- Following “Shields Up” Guidance from the Cybersecurity and Infrastructure Security Agency (CISA)
Recommendations from CISA: "Shields Up"
Russia uses cyber operations to destabilize its adversaries. Based on this background, CISA worked with critical infrastructure partners to create "Shields Up" - critical guidance to protect organizations against potential cyber threats. While there are not currently any active threats against the United States, CISA has urgently expressed that organizations must be mindful and take action now to be proactive instead of reactive.
CISA recommends all organizations—regardless of size—adopt a heightened posture when it comes to cybersecurity and protecting their most critical assets.
Shields up provides essential information, including how to reduce the likelihood of cyber intrusions, insights for improving cyber resilience and specific recommendations for corporate leaders and CEOs.
Using the Past to Prepare for the Future
Over the last decade, the Russian government has consistently used cyber threats in warfare. In 2015, a non-state threat actor conducted a cyber attack that disrupted multiple power suppliers in Ukraine leaving around 230,000 people without electricity. This attack directly impacted the production of Ukraine’s Olesska shale gas deposit, a natural resource they were planning on putting into production to reduce dependency on Russia.
Then, in January of 2022, Russia launched a cyber attack on dozens of government websites. Before the sites went offline a simple warning message appeared: “Be afraid and expect the worst”. Although access to most of the sites was restored within hours, some experts have implied that this was a hybrid attack operation, combining ongoing military conflicts with coordinated cyber threats from non-state actors.
We know that with cyber attacks often comes the issue of attribution—years may pass before we know if any critical infrastructure has been hacked. To better protect your organization against these types of cyber threats, we would advise taking action sooner rather than later so you can be prepared to protect, defend, respond and recover from your next cyber-incident.
About ABS Group
ABS Group of Companies, Inc. (www.abs-group.com), through its operating subsidiaries, provides technical advisory and certification services to support the safety and reliability of high-performance assets and operations in the oil, gas and chemical, power generation, marine, offshore and government sectors, among others. Headquartered in Houston, Texas, ABS Group operates with more than 1,000 professionals globally. ABS Group is a subsidiary of ABS (www.eagle.org), a leading marine and offshore classification society.