Tag: Ukraine

  • Cyber Civil Defense: We Can All Fight the Russians

    Most of us here in the US have followed the Russian invasion of Ukraine with a mix of disgust, outrage, and even existential fear. But there is a way to channel these negative feelings into positive actions by making yourself and your company a harder target for hackers, including those affiliated with or supported by the Russian government.

    During World War II, families planted victory gardens to help feed our military here and abroad. As the Cold War brought us to the brink of nuclear conflict, private citizens were called on to be part of a civil defense force to supplement local emergency management personnel. Now, technology has introduced us to a new battlefield in cyberspace. 

    Though cyber war doesn’t offer the horrific imagery of a physical invasion, it is every bit as real, the stakes are incredibly high, and threats are growing more sophisticated. Russia sent its soldiers into Ukraine, but it also has an army of malicious hackers on its payroll and/or under its protection as well. 

    Many of these are coin-operated criminal gangs working with the expressed or implicit approval of Vladimir Putin. They have a track record of targeting his enemies worldwide. The United States has been and will continue to be in their crosshairs. 

    As with generations past, it’s our turn now to recognize we all have a role to play – as private companies and private citizens – in protecting our institutions from attack. Here are some ways to do that immediately.

    For individuals, it’s critical to enable multifactor authentication, create complex passwords and/or use a secure password manager. An old poster from WWII cautioned, “Loose lips might sink ships.” The point was that small pieces of information could be combined by our enemies to paint a clear picture of larger operations. 

    As professional hackers, we often rely on that same principle – piecing together minor vulnerabilities that ultimately enable us to breach networks and exfiltrate data. The key is to make sure you’re not the weak link at home or at work.

    For businesses, now is the time to recognize that cybersecurity is part of your corporate mission, no matter what industry you’re in. If you’re a leader in your organization, be sure to establish regular check-ins with your information security team – if you haven’t already — and heed their advice. 

    This poster, found in bars across the US during WWII, was a reminder that Americans had a duty to protect information:

    Loose lips might sink ships

    The point was that small pieces of information could be combined by our enemies to paint a clear picture of larger operations. As professional hackers, we often rely on that same principle – piecing together minor vulnerabilities that ultimately enable us to breach networks and exfiltrate data. The key is to make sure you’re not the weak link at home or at work.

    Help is also available from the United States Cybersecurity and Infrastructure Security Agency (CISA). Its Shields Up publication offers some excellent recommendations about steps you can take to harden your defenses. Take a few minutes to read and consider these suggestions.

    Remember, too, that Raxis and other companies have veteran cybersecurity experts on their teams whose life’s work is to help protect you from those who would steal from you, hold your data hostage, or disrupt your operations. Now, as always, our certified professionals are ready to help.

    Raxis can perform in-depth penetration tests, conduct red team assessments, test your web applications, or help train your infosec team. But we also offer a number of free resources that are publicly available as well.

    Check out our YouTube channel, follow us on social media, and make sure you subscribe to this blog. We provide a lot of great security information aimed at helping you understand the latest threats and what you can do about them.

    The people of Ukraine are rightfully in our thoughts and prayers at present. It’s unconscionable for one sophisticated, powerful nation to attack and invade its neighbor simply because it can. But we can do much more than fret over what’s happening overseas. We can take action that will make it harder for the Russian government to escalate its cyber war in Europe and here at home.

    This is your chance to join the fight. Make your actions count.