Business owners must TAKE ACTION NOW to protect against looming cybersecurity attacks because of the unprovoked Russian invasion against Ukraine. Cyberextortion, data theft and using computers to damage systems are three of the main cyberthreats posed by Russian interest in U.S. infrastructure. As tensions grow between Russian, Ukraine and NATO, cyber warfare is escalating. Much like the recent Toyota Motor Corp. attack after they joined Western allies in clamping down on Russia, U.S. businesses are also vulnerable to an attack.

Although the Cybersecurity and Infrastructure Security Agency, (CISA), reports no specific attack now, they have issued a “Shields Up” warning to stay extremely cautious for suspicious activity. These cyberattacks are not aimed at just high net-worth businesses—a suspicious email could open the attack. Phishing emails are fresh bait for chaos. We highly encourage you to read CISA’s terrific “Shields Up” – a FREE report that outlines what every organization—large and small—must do to be prepared to respond to disruptive cyber activity.

“Could this really happen in our own backyard?”, business leaders want to know. There is a precedence for this. Back in 2017, NotPetya was a malware virus where a substantial body of evidence indicates that NotPetya was actually a politically-motivated cyber weapon deployed by Russia against Ukraine, according to a recent article in ITPro. In a matter of days, it spread across the globe costing businesses in the billions of dollars.

What Can You Do Now to Make Sure You’re Protected?

Every individual can take simple steps to improve their cyber hygiene and protect themselves online.  CISA urges everyone to practice the following:

  • Implement multi-factor authentication on your accounts. A password isn’t enough to keep you safe online. By implementing a second layer of identification, like a confirmation text message or email, a code from an authentication app, a fingerprint or Face ID, or best yet, a FIDO key,  you’re giving your bank, email provider, or any other site you’re logging into the confidence that it really is you. Multi-factor authentication can make you 99% less likely to get hacked. So, enable multi-factor authentication on your email, social media, online shopping, and financial services accounts. And don’t forget your gaming and streaming entertainment services!
  • Update your software. In fact, turn on automatic updates.  Bad actors will find cracks in the system. Update the operating system on your mobile phones, tablets, and laptops.  And update your applications – especially the web browsers – on all your devices too.  Leverage automatic updates for all devices, applications, and operating systems.
  • Think before you click. More than 90% of successful cyberattacks start with a phishing email.  A phishing scheme is when a link or webpage looks legitimate, but it’s a trick designed by bad actors to have you reveal your passwords, social security number, credit card numbers, or other sensitive information. Once they have that information, they can use it on legitimate sites. And they may try to get you to run malicious software, also known as malware.  If it’s a link you don’t recognize, trust your instincts, and think before you click.
  • Use strong passwords, and ideally a password manager to generate and store unique passwords.  Our world is increasingly digital and increasingly interconnected. So, while we must protect ourselves, we are in this together to protect the systems we count on.

The Key Takeaway

Corporate leaders have an important role to play in ensuring that their organization adopts a vigilant security posture. CISA urges all senior leaders, including CEOs, to take these steps seriously today before a potential catastrophic cyberattack takes place. Now is a good time to put security awareness training in place at your organization to ensure that your chain of cybersecurity awareness and understanding is heightened.

At MIS Alliance, your continued security and protection is our #1 goal. We are on the front lines in the war on cybersecurity. In addition, we also offer Security Awareness Training through our simulation program because it’s really going to take all of us together to establish progress in the short term and improving cybersecurity and resilience in the long term.