QUESTION: Are Russian cyberattacks a concern?
Dr. O’Connor: Yeah. So, I think we had the President’s guidance earlier in the week that gave a broad statement, indicating the Russian plan to attack US companies. We’ve had Ms. Neuberger, who’s the Deputy National Security Council Advisor to the President and she’s come out and hinted a little bit more about what’s going on, that potentially the energy sector is being specifically targeted. Both Ms. Neuberger and the FBI used the term “preparatory phase” to describe where the Russians were at these attacks. So it certainly seems that at least from the information that we’re getting, we’re early on in a potential Russian campaign.
QUESTION: What can we expect?
Dr. O’Connor: Yeah, so I think this is an excellent opportunity for businesses. I think at this point in time, you recognize that there’s an active threat. This is a great opportunity to get your team together and really review what your internal surface looks like and your exposed surface looks like. How much of your business exists out on the internet? And what does it cost your business if there’s a loss of that information?
The average business and average consumer needs to be concerned and aware of this. I think the Russian [cyber] attacks are a response to the ongoing sanctions, so [they] will be opportunistic at best, less targeted and going for specific infrastructure. If they identify weak infrastructure that they can compromise and cause harm to the US economy, that may fall under their general plan of attack.
QUESTION: What can we do?
Dr. O’Connor: So then the question really begs what can individuals do on an individual level and what can businesses do to reduce the attack surface? Enabling multifactor authentication. So when we log onto websites, we typically use one method authentication, that’s commonly a password. But enabling a second method, whether it be a text message that we receive to confirm it’s us, or a secondary email that we receive, that we have to click a link, multifactor authentication is one of the strongest ways to ensure access to our information is done and proven in a way that’s reliable.
And there are ways to mitigate that risk. So we back up information routinely so that if it does get compromised and stolen or ransomed, we have access to it. What are our contingency plans if a particular aspect of our business gets shut down? Do we have alternate services that are ready to go and stand up on the fly? One of the most important things, what are we doing in our networks right now to threat hunt and identify potential attackers that are already inside of our networks waiting for the go ahead to attack.
This right here is a watershed moment. I think the President coming forward and saying that there is an active threat and FBI and Ms. Neuberger saying that this threat does pose a risk and is in the preparatory phases, this is a great time to really invest in the security of your business and make sure that you are hardening your target.