Cyber Security in a time of war. Are you ready?

The war in Ukraine has demonstrated the risk of cyber attacks spillover. Recent developments show that wiper malware (malware that erases all data on targeted devices) has been used on the Ukrainian Government and other organizations.

Many of us remember the NotPetya attacks from 2017, which caused billions of dollars in downtime damage and affected organizations in France, Germany, Italy, Poland, the UK, the US, and more.

Two different wiper malware codes were used in the recent attacks. The first, known as HermeticWiper marks an escalation in cyberattacks against various Ukrainian targets, at least this is what security experts are saying. The second, known as IsaacWiper, uses the Isaac algorithm to encrypt data. Little is currently known about IsaacWiper.

As per the Cybersecurity & Infrastructure Security Agency (CISA) no specific threats to North American organizations exist at this time. CISA and other organizations have monitored the cybersecurity landscape surrounding Ukraine for the past 2 months. In mid-January, the Microsoft Threat Intelligence Center (MSTIC) “disclosed that malware, known as WhisperGate, was being used to target organizations in Ukraine. According to Microsoft, WhisperGate is intended to be destructive and is designed to render targeted devices inoperable.” Once again, no threat currently exists to North American organizations.

Combating destructive malware threats is challenging, but very possible using the information below.

Best Practices for Handling Destructive Malware

Organizations should increase vigilance and evaluate their capabilities. This should include a semi-annual security audit. Security audits are necessary tools that discover weak points in an organization’s digital security. Ensuring your organization is prepared in the event of a cyberattack is integral in overcoming this threat. To prepare, we strongly recommend:

  • You frequently backup important data and servers
  • You run frequent data and server backup tests
  • You patch all known vulnerabilities and test patches frequently (this is a normal process in a security audit)
  • You deploy strong multi-factor authentication (MFA) to as many employees as possible. *Remember, some MFA can be circumvented–it is not a perfect solution.*
  • You run education and training exercises to ensure employees are well versed on security awareness and protocols.

Effective cybersecurity can mean the difference between the death or survival of a business or organization.

Now is the time for a second set of eyes.  Let us help you review your security environment before the spillover of cyber attacks hits your environment.   Click here to arrange your security assessment or audit.