1 min read

Cybersecurity Concerns Related to Russia-Ukraine Conflict

Featured Image

As the Russia-Ukraine conflict continues, many people and organizations have expressed concerns about the potential for cyber-warfare and potential impact on their organizations and/or people.

If you answer yes to any of the following questions, then your organization and/or personnel may indeed be facing greater than usual threats as a result of this conflict:

  1. You have operations in Russian or the Ukraine

  2. You have personnel working in Russia or the Ukraine

  3. You support journalism, research, or activism (especially human rights) in Russia or the Ukraine

  4. You are responsible for US critical infrastructure such as power, gas, water, or hospitals

Most people and organizations will answer no to all those questions. For those of you, the situation has not meaningfully changed. Your most significant threat is from cyber criminals and criminal organizations that wish to take your money. They will attempt to do this by tricking you (e.g. business email compromise and gift card scams) or through ransomware attacks or various other means.

Your best defense is a solid foundation of cybersecurity. At the absolute minimum you should:

  • Using multi-factor authentication on ALL your business critical applications

  • Ensure all your devices and software are patched - running up-to-date versions

  • Ensure you have verifiable, secure backups of all of your critical data

  • Train your staff regularly on cybersecurity awareness

You may also wish to inform your staff to be extra cautious of phishing attempts (via email, text or social media) on current news events, in this case, any communication purporting to be about Ukraine or Russia.

We do not advise trying to perform a year’s worth of security projects in a week. To paraphrase an ancient proverb,

“The best time to have started a comprehensive security program was several years ago. The next best time is today.”

NY SHIELD Act Compliance Checklist for Nonprofits

The New York SHIELD Act (“SHIELD”), which went into effect in 2020, provides needed clarity around what constitutes reasonable data security. The use...

Read More

Protect Yourself from Fake QR Codes

With the pandemic also came a resurgence of QR codes. Once thought dead, at least in the United States, they are now more widespread than ever. From...

Read More

What is Pretexting? How to Avoid Being Victimized

Pretexting is a type of social engineering attack that is often used to gain access to confidential information. In a pretexting attack, the attacker...

Read More