Businesses warned Russia could launch cyber attacks
LOCAL businesses have been urged to strengthen their cyber defences amid worries that heightened tensions between Russia and the West could lead to Moscow-backed computer attacks.
As the crisis in Ukraine continues to escalate, cyber security experts on the island have issued a high priority alert that businesses should brace for the possibility that sanctions on Russia could lead to a wave of retaliatory cyber hacks.
Alongside a traditional military invasion, Vladimir Putin’s government is believed to have an arsenal of cyber weapons.
Black Arrow Cyber Consulting managing director Tony Cleal recommended that workforces should have heightened awareness to the potential for attack and damage, and businesses should confirm, in detail, their security monitoring.
‘This risk is real. Businesses need to gather all their protections to avoid being the victim of an attack.’
He warned that IT was not the only risk factor.
‘Think about strengthening your operational procedures, such as call-backs to confirm details before a payment is made or information is sent.
‘Think also about telling employees to be extra-suspicious of communications and documents sent through email and Teams, for example, which could contain malicious software. The businesses could be targeted because of their client base, but they could also simply be caught up in cross-fire when countries launch cyber attacks.’
While the conflict is taking place far away from the Channel Islands, borders are considered negligible, if they exist at all, in the digital space.
‘It is clear that by connecting our computer networks to the same internet as is used by everyone else in the world, from Russia and China to the US and Australia, businesses in the Channel Islands are inevitably at risk.’
The last time Russia took aggressive action against Ukraine, companies across the world found themselves victims of a ransomware attack that got out of control. The NotPetya malware crippled government IT systems in Ukraine before spreading to dozens of other countries.
Resolution IT information security consultant Nick Robilliard said large businesses, such as cloud platforms, were the most likely potential targets for a cyber attack.
‘If you are much smaller then you’re not likely to be targeted, but you could still be affected in the collateral damage of a large-scale attack, and because of that you may want to consider what would happen if you didn’t have access to a business critical service of a piece of data that is vital.
‘It’s the awareness of how to continue in an adverse event that becomes even more relevant at a time like this.’
‘This goes for both individuals and small businesses, perhaps a piece of practical advice would be to think about what would happen if your most vital app, system or service was offline, what would you do to mitigate that?’