Massive cyber attacks will persist until Russian invasion ends
So long as the Russian invasion of Ukraine continues, cyber-physical systems will continue to be targeted by malicious cyber actors via distributed denial-of-service (DDoS) attacks, increased malware activity, and targeted persistent phishing attacks.
Editor’s note: The story was originally published on Lawyers Weekly’s sister brand, Cyber Security Connect.
To continue reading the rest of this article, please log in.
Create free account to get unlimited news articles and more!
“The fog of war”, according to Paul Proctor, vice-president analyst at Gartner, can challenge situational awareness and panic aims to increase the risk of mistakes, to the advantage of bad actors.
“While the impacts of individual attacks will vary, the broader effects of a heightened threat environment will be felt by organisations worldwide,” Mr Proctor said.
“It’s likely that cyber threats will continue at least as long as the physical conflict does.”
Cyber warfare does not have geographical boundaries, Mr Proctor noted, in the way that physical conflict does.
“At least three energy companies in Germany have been targeted in cyber-attacks since the invasion began.
“We’ve also seen cyber actors in other regions, such as China, taking advantage of the situation to propagate threats, as well as involvement from non-state actors, like the Anonymous hacking group engaging in an offensive against the pro-Russia Conti ransomware gang,” Mr Proctor explained in a CRN interview.
Enterprise security risk cannot be managed in a vacuum by the CISO and their team, Proctor added, as the Russian invasion of Ukraine has demonstrated.
“Crises place an additional premium on risk-based decision-making, and business leadership must be involved at every level.
“Executives who make defensible, risk-informed choices are more likely to navigate their organisations with resilience, from response through recovery.
“Geopolitics and cyber security have become inextricably linked,” Mr Proctor said.
Security leaders “need to be looking at the global threat landscape from a business lens”, as business decisions moving forward will have security implications.
“What is the business’ appetite for that risk, and is it changing in the context of these events? Modern enterprise security leaders cannot just focus on vulnerabilities or security technologies.
“Rather, they must lead the enterprise to make informed decisions about its cyber-related risk exposure, and understanding the security impacts of global events is a key component of that new role,” he ended.
“Leaders should consider how current events are impacting enterprise risk levels,” Mr Proctor concluded.