What steps should small businesses take?
The Russian invasion of Ukraine is both bad and sad on many levels, and in many ways. Luckily for us in the United States, other than some inflationary pressures, especially in gas prices, we have largely been unaffected by the war.
This is a little surprising. Initially, it was believed Russia might respond to U.S. sanctions by launching cyber-attacks against the U.S. But these have not materialized. While there have been limited cyber-attacks between Ukraine and Russia, there has been little uptick in Russia state sponsored cyber-attacks on the west, including the U.S.
Why is a big question. Despite the lack of attacks, U.S. intel assessments remain that Russia still has considerable Cyber-warfare capabilities, as exemplified by attacks over the last few years. The consensus is that Russia may be holding back, waiting to come out swinging if President Putin wants to cause the west more pain.
On March 21st, President Biden warned that “The magnitude of Russia’s cyber capacity is fairly consequential and it’s coming.” This was followed up by a White House fact sheet directed at U.S. businesses to take the following steps immediately:
- Mandate the use of multi-factor authentication on your systems to make it harder for attackers to get onto your system;
- Deploy modern security tools on your computers and devices to continuously look for and mitigate threats;
- Check with your cybersecurity professionals to make sure that your systems are patched and protected against all known vulnerabilities, and change passwords across your networks so that previously stolen credentials are useless to malicious actors;
- Back up your data and ensure you have offline backups beyond the reach of malicious actors;
- Run exercises and drill your emergency plans so that you are prepared to respond quickly to minimize the impact of any attack;
- Encrypt your data so it cannot be used if it is stolen;
- Educate your employees to common tactics that attackers will use over email or through websites, and encourage them to report if their computers or phones have shown unusual behavior, such as unusual crashes or operating very slowly; and
- Engage proactively with your local FBI field office or CISA Regional Office to establish relationships in advance of any cyber incidents. Please encourage your IT and Security leadership to visit the websites of CISA and the FBI where they will find technical information and other useful resources.
Such recommendations are not new. SpotLink has been making these recommendations to our clients for years and has implemented much of the above with our Carefree Computing® Managed IT services clients, and even more layers above and beyond this with our Managed Security Services clients. Companies that have not implemented these essentials are at considerably higher risk than those that have.
There will probably be some warning for small businesses. Most likely the first wave of attacks will be on national or high-profile companies, or those that are openly and publicly supporting Ukraine. It may take some time before the Russians start going after secondary or tertiary targets. But these security steps generally take months to implement properly, so it is unlikely to be enough warning for a business owner to successfully implement them once the attacks begin.
We don’t know what type of attacks Russia will use. But if your company has already implemented the basics such as updated firewalls, current endpoint protection, MFA to protect your email, critical web sites, and VPN access, have multi-layer backups and business continuity in place, and have encrypted your data on mobile devices, you already are well ahead of the security of most small businesses. If your company have gone further and implemented additional protections such as application locking, SIEM systems, vulnerability scanning and remediation, etc., then you are even that much more protected and secured.
But wherever you are today, now is a good time to revisit and reassess your cyber security preparedness and start implementing gaps in the protection your business requires.
Of course, SpotLink is here to help you assess, implement, and maintain you cyber security systems so you are as well protected as reasonably possible. If you have any questions, or would like to review your security status, the SpotLink team stands ready to assist.
Robert Hood
CEO & Founder
SpotLink