Cyber defenders worldwide are reporting increased Cyber-attack activity in the wake of the tragic and unprovoked conflict in Ukraine. You can find details in the joint FBI/CISA notice by Googling “Alert AA22-057A”, but we have prepared a summary of the key points and defensive steps you should take:
- Make sure you have completed the basics (enroll in 2-factor authentication using Authy/Google Authenticator on all services that support it; ensure your computer, apps, and endpoint security platform are fully up to date; and never click on or believe anything in email ever)
- Increase in phishing attacks. As always be super careful when you receive any email from any address that contains links, attachments or requests for financial transactions. Always confirm the legitimacy of these types of email via a side channel i.e. calling the sender using a known good phone number
- New "Nigerian Prince" style scams that will be tailored around the current conflict. "I need help getting funds out of Russia and will give you a cut" etc.
- Fundraising scams "fund me to help get my children out of Ukraine", verify any fundraising or donation request, donate through known and efficient channels
- Aggressive/destructive ransomware style attacks. In Ukraine security researchers are seeing attacks that are simply wiping data with no attempt to extract a ransom from end users. Don’t install any new apps, and make sure you have a good backup of all important data on all your systems
- Large scale DDoS attacks that may impact large infrastructure providers like Amazon AWS or Cloudflare. These can result in outages of multiple cloud apps simultaneously, so ensure any essential data is backed up across clouds
As always please contact us with any questions or specific concerns.
Share this blog:
