BLOG
Read our blog articles, product news and announcements.

Ukraine conflict puts organisations’ cyber-resilience to the test

MyCena

Julia O’Toole, founder and CEO of MyCena Security Solutions, comments on how historic cyberattacks have given the Russian government critical advantages in the build-up to the Russia-Ukraine conflict. In anticipation of escalating cyberattacks, organisations should take immediate action to secure cyber-resilience.

The invasion of Ukraine is the culmination of years of careful preparation from the Russian state. Strategic cyber-advantages were gained in several areas, convincing them of their own cyber-supremacy.

Cyber-advantage one: Cyberwar practice runs
The Russian military has been testing and perfecting cyberwar techniques for years, not least against their Ukrainian neighbour, of which the most devastating was the NotPetya cyber-attack. This was directed against Ukraine’s financial, energy and government institutions in June 2017 but also indirectly affected many other businesses, causing hundreds of millions of pounds in losses.1

This attack highlighted the risk associated with having their own country’s digital infrastructure connected to the world. Consequently, Russia created its own internet network that can be disconnected from the rest of the world when needed. This was tested in June and July 2021 and again in January 2022, a few days after a dozen Ukrainian government websites were hit by a data wiper attack disguised as ransomware.2

Cyber-advantage two: Financial gains through ransomware
According to a report by Chainanalysis, nearly three-quarters of traceable ransomware revenue in 2021 (around $400 million worth of cryptocurrency) was laundered through Russia. Meaning that cyber-insurers could well have unknowingly propped up Russian military coffers.3

Cyber-advantage three: Deep penetration into western governments’ digital infrastructure
A recent string of high profile cyberattacks and vulnerabilities, including the SolarWinds attack and the log4j vulnerabilities, has enabled Russian cybercriminals to scan, steal and crucially stay inside organisations. According to O’Toole, “the SolarWinds attack reportedly gave Russia access to data from about 100 U.S. government agencies, critical infrastructure entities, and private sector organizations4.”

The impact of cyberattacks in other countries
There has been an escalation of cyberattacks on the Russian and Ukrainian sides, raising fears of repercussions on organizations in other countries. This, for example, happened to Saint-Gobain which in June 2017 had to stop operations following the NotPetya cyberattack, resulting in a loss of revenue of €80 million5.

The French Interior Ministry's cyber defense center went into "heightened vigilance" last week.  In the UK, Lindy Cameron, Chief Executive of GCHQ's National Cybersecurity Centre, said: "In a world that relies so heavily on digital assets, cyber resilience is more important than ever... The UK is closer to the crisis in Ukraine than you think... If the situation continues to worsen, we could see cyberattacks that have international consequences, whether intentional or not.”

“Lindy Cameron is correct to urge businesses and organisations to take steps to improve their cyber resilience,” says O’Toole. “The question is how?”

“Hackers don’t need to hack in, they log in.”
“Russia has gained its cyber-advantages fundamentally through the inherently weak digital access models deployed by organisations today. We know that nine out of ten attacks involve legitimate passwords, with password phishing responsible for 83 per cent of all cyberattacks in 2021.”

“People changing their passwords from DomSmith123! to Dom$mith1234 after a cyberattack will not stop a malicious actor from logging in again!”

Protect network access and ensure cyber-resilience
But it is not too late to protect your network access and secure cyber-resilience. According to O’Toole, organisations can quickly organise themselves to take back command and control of their digital network, stop passwords phishing and prevent ransomware attacks. Starting with applying physical security rules to their cybersecurity:

  • 1. Don’t let employees make and share their own (digital) keys. To ensure passwords can’t be seen, shared, or phished by anyone, they can be encrypted from end-to-end (creation, distribution, use, expiry).
  • 2. Don’t put all systems behind a single door with one key to open everything. To ensure (cyber) resilience, segment access to every system so that if one is breached, for example in a supply chain attack, the breach is isolated by default and won’t affect other systems.

From protecting networks to deceptive intelligence
O’Toole continues, “Intelligence has always been a key advantage in war. So has deceptive intelligence. By breaking the ENIGMA code, Alan Turing and the team at Bletchley Park helped the allies intercept the Nazis’ encrypted communications, create false information to then be intercepted by their opponents, and consequently shortened the war. Imagine today if organisations leveraged the rise in phishing attacks to deceive criminals with false information about their intentions and positions. Simultaneously, access from legitimate users would be protected with end-to-end encrypted passwords that can’t be seen, shared or phished. These organisations would be immune to passwords attacks, ensuring the integrity of their network and confusing their opponents in the process.”

Stop ransomware and stop funding the war
“From a financial standpoint, removing selected Russian banks from the SWIFT system and freezing their central bank assets will have a massive impact on Russia’s ability to sustain its aggression. Through preventing ransomware attacks, organisations could also prevent cryptocurrency theft from offsetting the financial sanctions and shorten the war,” O’Toole concludes.

-ENDS-

For more information on Julia O’Toole - https://www.linkedin.com/in/juliaotoole

For more information on MyCena - https://mycena.co/

FOR MORE MEDIA INFORMATION
[email protected]
T +44 (0)20 7388 9988

About MyCena Security Solutions
Founded in 2016, MyCena is the market leader in segmented access management and safe password distribution. MyCena’s patented security system allows companies to adopt a cyber-resilient strategy from conception using access segmentation, distribution and protection. With its ground-breaking technology, MyCena protects companies from the risks of password error, fraud and phishing, loss of command and control, ransomware, and supply chain attacks success. The company offers enterprise security solutions and applications to end users. To learn more visit: https://mycena.co/

1 https://www.ncsc.gov.uk/news/russian-military-almost-certainly-responsible-destructive-2017-cyber-attack

2 https://www.reuters.com/technology/russia-disconnected-global-internet-tests-rbc-daily-2021-07-22/

3 https://blog.chainalysis.com/reports/2022-crypto-crime-report-preview-russia-ransomware-money-laundering/

4 https://www.gov.uk/government/news/russia-uk-exposes-russian-involvement-in-solarwinds-cyber-compromise

5 https://votre-solution-generali.fr/images/pdf/Lettres/Cyberattaque notPetuya chez St Gobain.pdf