Cybersecurity has never been more Critical for Small Businesses on the World Stage.
On the 21st of March 2022, the White House released a statement and factsheet entitled “Act Now to Protect Against Potential Cyber Attacks”. The significance of the statement, the factsheet, specific actions to take and speaking about the threat by the President of the United States needs to be put into historical perspective.
Cyber Crime and Cyber Security have been topics of conversation in discussions and press conferences before. There has never been a time when a President of the United States took to a podium to specifically speak about this one issue.
Of course, the Russian invasion of Ukraine and the resulting political climate in Europe and domestically within the US are the backdrop and the reason for the actions taken by Cybersecurity and Infrastructure Security Agency (CISA) and the White House.
Earlier in February, CISA, a federal agency tasked with monitoring and alerting on cyber threats to critical infrastructure within the US issued a warning entitled “Shields Up”. CISA is a relatively recently formed agency, coming online November 16, 2018. The “Shields Up” warning was the first of its kind issued by the agency, but given the time the agency has been in existence, this might not have been seen as unusual.
The reason that the warning struck a chord with many in the IT and Infrastructure Security world was that the concern about cyberattacks was as a direct result of Russia’s invasion of Ukraine. When Russia moved on the Crimea region in 2014 Russia took action against online infrastructure in Ukraine. Areas like water flow, power and gas were all crippled by the cyberattacks that Russia launched as part of its military action in Crimea.
In 2022 Russia announced that countries or organizations like NATO that assisted Ukraine or were providing material support to Ukraine would be considered enemies of Russia and would face retribution for their interference.
Between past performance and current threats, there was a real concern at the start of the war that Russia was going to hit many countries that were helping Ukraine.
This sets the stage for the general concern when the original “Shields Up” warning was issued.
However, significant attack from Russia never came in the cyberspace.
Professionals and pundits have been speculating that Russia may be a paper tiger rather than a true near-peer when it comes to military might. But why hasn’t Russia attacked in cyberspace?
Over the last couple of weeks there have been reports of threats that have been stopped and attacks that have been defeated by Ukraine in the cyberspace. In part this is a result of Ukraine having built up it’s defenses over the last 8 years. In part the IT community of hackers and intelligence personnel have been actively working to counter attacks in the cyberspace to show solidarity and support for Ukraine during the Russian attacks.
The White House, however, took the unusual step of making an announcement with steps that businesses should take to keep themselves safe. What changed?
Russia’s lack of quick success during its invasion, their huge personnel and material losses against what has been billed as a ragtag force, and the subsequent retreats to harden lines far removed from the originally stated goal of taking the capital Kiev have all been humiliating. This humiliation is to Russia in general and President Putin in particular.
To save face and exert some wins in the varied battle spaces, security professionals believe that Russia will begin with a big push on cyberattacks.
On Wednesday, April 13th CISA released critical warning notices to Industrial Control Systems (systems that control things like water, chemical, natural gas and power systems nationally and locally) that there are nation state actors that have developed tools and have specifically targeted these systems. CISA recommended immediate actions to take to secure critical systems in the US.
There are further concerns that even when we have cyber insurance policies, we may not be paid out. Why? At the beginning of December 2021, Lloyds of London notified insurance companies that they underwrite for that they may not pay for cyber claims when Nation-State actors are shown to be the source of ransomware and cyberattacks. Lloyds underwriters 20% of the cyber insurance policies globally. That means 1 in 5 polices that are held may not pay out if an attack is shown to be initiated by a Nation-State.
Given the criticality of the systems we are talking about and the potential affect on how and if business and regular daily life continues with minimal interruptions, it is in the best interest of the United States government to suggest, strongly, that businesses take a proactive approach to securing their businesses. Insist too strongly and panic may ensue. Do nothing and vital systems may be compromised.
So, what can we do to protect ourselves as small business
owners?
– Use multi-factor authentication on any and all online systems that are used for personal or business functions. This will make it more difficult for an unauthorized user to gain access to your accounts and services.
– Put in place risk mitigation tools such as antivirus and extended threat detection systems. An AV program that is updates regularly to meet the continuously changing and evolving threats is critical and checking on it regularly is a must.
– Work with your staff and family members to train on how to spot suspicious emails and links and be careful where you choose to enter your login data.
– Work with your cybersecurity professionals to patch all your systems (computers, laptops, tablets, phones) with the latest tested updates to mitigate problems.
– Backup your data and ensure it is separated from live data to lessen the likelihood of losing it to encryption.
– Have disaster recovery plans in place for your personal and business life. If key data is compromised or lost, have a plan on how to restore it or work around to retrieve it from other locations/sources.
– Use complex password and a trusted password management tool to ensure that all your passwords are stored safely, are complex, and unique.
Security Evangelist Howard Globus has more than twenty years of experience designing, installing and supporting Windows server and workstation products in industries where security and reliability are critical. System engineering and administration experience includes customized Windows Server and Workstation installs, designed to be deployed using the latest automated technology available and managed using products found onsite at most Fortune 500 firms to ensure a wide variety of potential personnel to support the products in the future.
