
March 9, 2022

If the Russian invasion of Ukraine hasn’t yet prompted your organization to begin adopting a highly defensive cybersecurity posture by implementing CMMC, it should have. Cyber warfare has now become a global standard, and literally all interconnected systems are up for grabs. Defense officials are urging companies to bolster their cybersecurity postures now. The DOD officials’ comments came after Ukrainian government and private entities sustained cyberattacks that disabled public-facing websites in preparation for the invasion. These cyberattacks are still taking place at the time of this post.

What do cyberattacks on Ukraine have to do with us?

Leading up to Russia’s Feb. 24, 2022, military invasion of Ukraine, security agencies urged U.S. companies to be vigilant with their cybersecurity as tensions escalated in the past weeks, and to take advantage of a suite of cyber tools. Meanwhile, a recent multi-agency alert from the Cybersecurity and Infrastructure Security Agency, National Security Agency, and FBI noted that Russian hackers have been targeting defense contractors for years.

Not long after the invasion began, the Russia-based ransomware gang known as the Conti Team warned that it would “strike back at the critical infrastructure of an enemy” and threatened countries that punish Russia for the invasion.

Similarly, additional cybercriminal gangs around the world are choosing sides — targeting those they feel are their enemy. Meanwhile, others are simply taking advantage of the chaos to profit from striking as many businesses as possible.

How do these cyberattacks affect us?

Destructive malware can present a direct threat to an organization’s daily operations, impacting the availability of critical assets and data. Further disruptive cyberattacks against organizations in Ukraine are likely to occur and are actively spilling over to organizations in other countries.

The Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI) have released a joint Cybersecurity Advisory (CSA) on two new malware variants known as WhisperGate and HermeticWiper. Each is being used to target organizations in Ukraine, each is highly destructive, and each has now gone global. Organizations need to increase vigilance and evaluate their capabilities encompassing planning, preparation, detection, and response for such an event.

How will we be attacked?

Destructive malware may use popular communication tools to spread, including worms sent through email and instant messages, Trojan horses dropped from websites, and virus-infected files downloaded from peer-to-peer connections. Malware seeks to exploit existing vulnerabilities on systems for quiet and easy access.

Destructive malware has the capability to target a large scope of systems and can execute across multiple systems throughout a network. As a result, it is important for organizations to assess their environment for atypical channels for malware delivery and/or propagation throughout their systems.

Targeted assessment and enforcement of best practices should be employed for enterprise components susceptible to destructive malware. All these best practices make up the core of the CMMC framework, and should be followed as vigilantly as possible. To successfully implement CMMC, we urge you to consult with us for a free evaluation. We’re a candidate C3PAO — one of the very first in the country. Our own CEO, Ben Gerenstein, was a member of the CMMC-AB Exam Objectives Working Group. We have the knowledge and experience to support you during this critical time.

Contact us now. We’re on duty.