A few thoughts from the former commander of the reminder that the Israeli 8200 unit… and currently the CEO of Cybereason.

Home / News / A few thoughts from the former commander of the reminder that the Israeli 8200 unit… and currently the CEO of Cybereason.

A month after the Russian cylinders on Ukraine, speculation continues that Russia will engage in wide-ranging and coordinated cyber attacks against Ukraine and its allies. In Ukraine, the services launched, indicative deformations appeared, they could read the scale or even the expected attack was not there.

This week, President Biden made a statement on the current situation in cyberspace. Biden in attendance: “Russia can engage in malicious cyber activities against the States and it’s allies for the sanctions imposed on them. It’s literally part of the Russian playbook. Today my administration is re-checking intelligence information that the Russian government investigates options for cyberattacks ”. Due to the fact that the border between cyber and kinetic war is quite vague, so the allies of US and NATO around the world can keep the information about attacks to themselves to prevent a possible escalation of the conflict

Following the maxim “hope for the best but prepare for the worst” – it is likely that Russian hackers will respond to the sanctions with massive cyber attacks. The main targets would be government, military and critical infrastructure organizations, but no sector is safe – as no sector withheld from sanctions. Attackers can attack the so-called “Low-hanging fruit” such as the suppliers and partners of these organizations, and use a trusted relationship to gain access. There is also the possibility of unintended collateral damage, such as the NotPetya attack that has spread around the world.

Over the past year, we have witnessed an intense and steady stream of high-profile cyberattacks from Russia, and a tense exchange of views between Biden and Putin on Russian cyber-aggression. However, it has been incredibly quiet lately. Russia organized a very public spectacle in January of the arrest of members of the REvil ransomware gang. Since then, the number of ransomware attacks has dropped to almost zero. At first glance, it was supposed to be a show of cooperation – to show that Russia is working with Western nations to contain the ransomware threat. But it was more of a performance or a charade.

In fact, we believe Russia has set up ransomware gangs, using their skills and experience to engage in coordinated cyber attacks on behalf of the Russian government. In the past two weeks, involvement in incident response has increased dramatically, showing Putin has control of cybercriminals and the ability to use cybercriminal groups and state-controlled weapons.

Given the above, we recommend that all organizations follow CISA’s Shields Up guidelines – https://www.cisa.gov/uscert/shields-technical-guidance. It is important to do everything possible to proactively strengthen the security posture and have plans and processes ready to respond quickly and effectively in the event of a cyber attack.

Related articles

Why consider XDR by Cybereason?
Why XDR is the only defense against Enterprise Ransomware
Cyberattack on Ukraine pt. 2
Please be advised that our website is using cookies for marketing, statistical and functional reasons. In order to optimize the content on our website and to adapt them to your individual needs, we use informations saved using cookies on users’ end devices. Cookies can be controlled by the user through the settings of their web browser. By contiuning to use our website without changing your web browser settings, you are accepting the use of cookies.
I accept More info