Cybersecurity: What are the effects of the geopolitical situation?

Post by Bahadir Candan
January 19, 2023

When Russia invaded Ukraine in February 2022, it sparked a conflict which transformed the global cybersecurity landscape and prompted repercussions that will be felt for years to come.

Cyberattacks originating from Russian sources are nothing new, but since the Ukraine conflict was initiated, the world has seen an uptick in the frequency and severity of cyberattacks from politically motivated parties. Hybrid warfare is no longer confined to the realms of sci-fi but has become a common reality in a world of political uprising, ruining lives and leading businesses to bankruptcy all over the world.

As developments continue to emerge, we are starting to notice some key trends to be aware of, including new strategies, technologies and threats to take into account to maintain an effective security posture in an era of global uncertainty.

Critical infrastructure and supply chains are at risk

The war has created a notable shift in motivation away from the more common, purely financially-driven hackers. Instead, as cybercriminals aim to destabilize national security, we see increased disruptions to government, emergency services and essential sectors and utilities.

Attacks on critical infrastructure have been on the rise for several years, and due to current political instability they doubled in 2022, mainly consisting of attempts to damage Ukrainian infrastructure and that of its allies, including the United States. The attacks began on January 14th, when more than a dozen of Ukraine's government websites were taken down. In February, a large DDoS attack took down the websites of Ukraine’s defense ministry and army and the two largest banks, PrivatBank and Oschadbank.

Further, during the same month, a cyberattack targeted oil loading facilities in the Amsterdam-Rotterdam-Antwerp refining hub, causing chaos at these key oil terminals and disrupting loading operations which affected petrol supplies in Germany.

A study by credit ratings agency Moody’s discovered that energy companies were among the most at risk of a significant cyberattack. Despite the low financial incentives for attacking such organizations, these companies offer an ideal target due to their minimal cybersecurity measures and the potential societal upheaval such attacks could cause.

Organizations are responding strongly

A recent Gartner poll showed that over a quarter of organizations in North America and EMEA are taking some cybersecurity action in response to Russia’s invasion of Ukraine. Globally, companies are waking up to the real-world implications cyber warfare has on corporations and their stakeholders.

In the wake of President Biden urging companies to enhance cybersecurity in March of 2022, the US Cybersecurity & Infrastructure Security Agency warned organizations that it was time to put “shields up”, with the UK’s National Cyber Security Centre issuing similar calls to action.

However, these radical communications led to a direct increase in cyber insurance premiums by an average of 28% in the first quarter of 2022 compared with the fourth quarter of 2021, according to the Council of Insurance Agents & Brokers.

Increasing cyber insurance was only one of the measures reported, as organizations mounted various defense mechanisms. Some doubled down on profiling the crimes, tactics, techniques, procedures and indicators of compromise to detect attacks prior to their occurrence. Others invested in threat intelligence and strengthened incident response capabilities. Additionally, many increased their efforts to educate their staff and open lines of communication between employees and executives about the dangers of phishing emails and ransomware.

As organizations quickly responded to an increasing cyber threat from Russian sources, the measures so far have been largely tech-led. Although the threat looms and is ever-evolving, companies should avoid getting bogged down in endlessly tweaking their cybersecurity tech stack and neglecting education and staff awareness. For this reason, a solution such as Anapaya’s SCION is ideal: powerful enough to deploy once and flexible enough to meet any organization’s needs with minimal set-up.

Cloud data storage is affecting threat levels

As companies increasingly move their data online to cloud servers, this can unwittingly result in a scenario where all resources are concentrated and stored in one area that can potentially deliver vulnerable information to hackers on a silver platter.

The continuing digitalization of our working and personal lives, coupled with the rise in remote working and agile service development, creates the ideal environment for reliance on cloud-based solutions to soar. But, as companies race to migrate to the cloud, cybersecurity is all too often left as an afterthought.

According to NTT, a global technology and business solutions provider, Apache products were the most commonly attacked technology globally, targeted in a whopping 35% of all attacks. In October 2022, Apache disclosed a vulnerability in Apache Commons Text, a popular text manipulation toolkit used by many cloud-based applications, which contained default lookups that could accept untrusted input from a remote attacker and potentially result in remote code execution.

Attackers have been using cloud-based services for more effective hits. The group Cloaked Ursa, widely believed to be linked to the Russian Foreign Intelligence Service, used cloud-based services such as Google Drive and Dropbox as part of their attacks between May and June 2022. Phishing emails containing malicious PDFs were addressed to government and embassy officials, which, when opened, would trigger Dropbox to secretly deliver the penetration-testing tool Cobalt Strike to the victim’s device.

Secure against an uncertain future with Anapaya’s SCION

The future continues to hold uncertainty, and if the Russia-Ukraine crisis has shown us anything, it is that cyber warfare is here to stay. Attackers will continue to evolve their technology and methods toward greater sophistication.

That is why a strong, flexible solution like Anapaya’s SCION is the best way to keep your business secure. Offering world-class security and network protection for any organization, SCION is easy to set up and makes a cost-effective defense in an uncertain geopolitical climate.

Enable SCION today. Contact us to arrange a safer future for you, your organization and your employees.
