You have probably heard the news by now that Russia has invaded Ukraine, and this will likely have a major impact on the cybersecurity world moving forward.
Russia has been heavily involved in the rise of cybercrime over the last several years, with many cybercriminal groups working out of Russia and, in some cases, receiving state backing from the Russian government. As western countries roll out heavy economic sanctions against Russia, and especially if Russia is removed from SWIFT and cut off from the global banking system, it becomes increasingly likely that Russia will respond with a coordinated hacking campaign against the U.S. and other western countries.
The U.S. Cybersecurity & Infrastructure Security Agency (CISA) is recommending that all American organizations be on high alert, especially small and mid-sized businesses as they are seen as softer targets for cybercriminals. You can learn more about the CISA recommendations here.
What TechMD Is Doing
We are actively monitoring our systems and ramping up our internal cybersecurity posture. This includes keeping an eye on the cybersecurity community, government agencies, and vendor recommendations for any actionable items we can take to better protect our clients.
We are also working with our vendors like Microsoft, Datto, and Huntress to ensure they are monitoring the situation closely and are taking steps to secure their systems. Finally, we have alerted our staff about this new high-risk cybersecurity environment and will be training them to be on high alert for any suspicious activity.
What You Can Do
We recommend alerting your staff about the increased cybersecurity risks and instructing them to be hyper-vigilant about any suspicious activity, unsolicited emails from untrusted sources, or unexpected links or attachments. Here are a few articles you can share with your staff to help educate them about these threats:
- Executive Extortion: The Evolution of Ransomware
- Business Email Compromise (BEC) Scams
- Tech Support Phishing Scams
- Microsoft 365 Vulnerability Leads to US Treasury Breach
If you haven’t already, we strongly recommend working with a cybersecurity professional to go through a Security Maturity Level Assessment (SMLA). This process will help you understand how secure your organization is today, how secure you need to be to appropriately reduce your risk, and what steps you need to take to get there. If you’re interested in learning more about how TechMD can help with the SMLA process, contact us here.