One of the consequences of the Russia-Ukraine conflict is that the countries imposing sanctions on Russia – most notably the United States – are now facing an unprecedented cybersecurity threat, as state-sponsored cyberattacks are certain to follow. Public companies, financial institutions, stock exchanges, telecommunications and energy infrastructure and states and municipalities are all likely high on Russia’s target list. A recent Harvard Business Review article notes:
Conflict in Ukraine presents perhaps the most acute cyber risk U.S. and western corporations have ever faced. Invasion by Russia would lead to the most comprehensive and dramatic sanctions ever imposed on Russia, which views such measures as economic warfare. Russia will not stand by, but will instead respond asymmetrically using its considerable cyber capability.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) recently issued a warning of the risk of Russian cyberattacks spilling over onto U.S. networks, which follows previous CISA warnings on the risks posed by Russian cyberattacks for U.S. critical infrastructure. The European Central Bank (ECB) has warned European financial institutions of the risk of retaliatory Russian cyber-attacks in the event of sanctions and related market disruptions.
As this Mandiant blog notes, we should be prepared but not panic. Our cyber defenses have evolved to handle sophisticated state-sponsored attacks, and they should hopefully be able to withstand the inevitable attacks from Russia and its allies. But it certainly is a good time to dust off those reminder emails to employees about being vigilant against attacks to corporate systems, the contingency plans for dealing with individual cyberattacks as well as disruptions to financial markets and the economy, and your disclosure plans in the event that your organization experiences a significant cybersecurity event. Check out our Cybersecurity Practice Area for some helpful resources.
– Dave Lynn