Reading Time: 2 minutes

Vladimir Putin has set his sights on Ukraine long before 2014. It was until recently the world witnessed the biggest war after World War II when Russia forcefully invaded Ukraine. Putin believed that modernized Ukraine was a constant threat to Russia. He firmly believes that by “de-Nazifying and demilitarizing Ukraine”, everything will be fine.

According to Putin, this is not an invasion of war but rather a “special military operation”. Russia invaded Ukraine on 24th February. Since then, there have been over 3,455 civilian casualties and more than 5 million people have fled the country. As of today, the war is still ongoing.

Tony Gonzales, a Congressman tweeted how a strong offense is the best defense and shared a link to an article:

Due to Russia’s blatant attacks and attempts to seize control of Ukraine, many countries around the world have imposed sanctions on the former for invading the latter as a punishment.

On Wednesday, western governments warned that there’s a potential threat of Russia retaliating through “increased malicious cyber activity”. The cybersecurity agencies form the Five Eyes intelligence-sharing alliance with the United States, New Zealand, Britain, Canada, and Australia. It stated that due to the Russia-Ukraine war, organizations everywhere can become a victim of cybercrime.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) stated on its website:

“Russia’s invasion of Ukraine could impact organizations both within and beyond the region, to include malicious cyber activity against the U.S. homeland, including as a response to the unprecedented economic costs imposed on Russia by the U.S. and our allies and partners.”

Just last month, CISA said there was “evolving intelligence” that Russia has been looking into ways of potential cyberattacks.

“We know that malicious cyber activity is part of the Russian playbook. We also know that the Russian government is exploring options for potential cyberattacks against U.S. critical infrastructure,” CISA Director Jen Easterly said in a statement.

The statement from Wednesday also warned about the potential cyber crimes which have been voicing their support for Russia and can carry out cyberattacks on Western targets.

“Recent Russian state-sponsored cyber operations have included distributed denial-of-service (DDoS) attacks, and older operations have included the deployment of destructive malware against the Ukrainian government and critical infrastructure organizations,” the CISA said.

The CISA also reported that a few other cybercrime groups have conducted “disruptive attacks” recently against Ukrainian websites, “likely in support of the Russian military offensive.”

Consequently, the CISA has stressed on “critical infrastructure network defenders” to be prepared to deal with any sort of potential cyber threats “by hardening their cyber defenses and performing due diligence in identifying indicators of malicious activity.”

It also specified several security measures that organizations should adopt immediately for safeguarding themselves against potential threats. Such as enforcing multifactor authentication (MFA), updating their software, monitoring and securing Remote Desktop Protocol, and other services.

Furthermore, they recommended organizations to provide end-user awareness and training regarding strengthening cybersecurity.

Apart from these steps, the CISA advisory suggested the use of “network segmentation”. It consists of separating networks based on roles and functionalities for a long-term effort.

Regarding network segmentation, the nonprofit trade association CompTIA explained, “is when different parts of a computer network, or network zones, are separated by devices such as bridges, switches, and routers.”

“Network segmentation can help prevent the spread of ransomware and threat actor lateral movement by controlling traffic flows between—and access to—various subnetworks,” the CISA advisory said.

The CISA also recommended that organizations should have a Business Continuity Plan (BCP) in place in order to recover from a cyberattack if it happens.