The Russia–Ukraine War has plunged the entire world into a new risk landscape, especially organizations that already faced high levels of risk. Compounded with the COVID-19 pandemic that brought with it a substantial increase in ransomware attacks that impacted many enterprises,1 geopolitical uncertainties can be expected to persist for the foreseeable future. This translates to high risk posed to nations, urgent risk posed to enterprises and sophisticated risk posed to people. We have officially entered a new stage of cyberwarfare and, as a result, cybersecurity has been pushed to center stage. Any organization that, by omission or commission, discounts it will quickly become a casualty of war and be forgotten in the dunghill of history. These are very dangerous times.
The new risk presented by the Russia–Ukraine War immediately changed globalization as the world once knew it. The Russian invasion of Ukraine resulted in the United States and some countries that are part of the North Atlantic Treaty Organization (NATO) sanctioning Russia,2 which was also removed from the SWIFT banking system.3 Hundreds of global enterprises halted their operations in Russia.4 These actions, combined with the impact of COVID-19, have resulted in new risk that has necessitated going back to the drawing board to redefine and reevaluate risk management strategies.
High Risk to Critical Infrastructure
The Russia–Ukraine War has exponentially escalated security concerns about the US national critical infrastructure. The US Department of Homeland Security (DHS) defines critical infrastructure as “[T]he assets, systems, and networks, whether physical or virtual, so vital to the United States that incapacitation or destruction would have a debilitating effect on security, national economic security, national public health or safety, or any combination thereof.”5 Such infrastructure includes energy plants, nuclear plants, bridges and highways, power lines and water systems that, if disrupted by a malicious cyberactor, could have far-reaching global consequences.
This fear is not limited to the United States. Other countries are equally apprehensive. Michael Johnson, chief information security officer (CISO) at Meta Financial Services, opines that “Based on the global reaction to the current conflict, countries fear reprisals. The worry is, will there be collateral damage to critical infrastructure of other countries not directly involved in the current conflict—whether it be energy infrastructure, water supply, financial services, etc.?” In the United States, the US Cybersecurity and Infrastructure Security Agency (CISA) has sent out a strong warning about the possibility of Russian attackers targeting US critical infrastructure.
Protecting the Data of Displaced Refugees
War rapidly creates chaos as victims are harmed or displaced from their homes. Such chaos can be exacerbated by logistical data challenges that take time to resolve. Hackers are aware of this crisis and immediately cash in on the data-harvesting space, targeting vulnerable people who value staying alive more than anything else. Aid organizations and other nonprofits that care for refugees may not necessarily be focused on protecting the data collected from victims of war. War produces compounding realities and risk very quickly. This heightens the risk profile of everything and everybody exponentially. Cyberprofessionals should assist nonprofits with protecting their data, securing their networks and/or backing up their critical data offsite.
Advanced Technologies as a Double-Edged Sword
The use of artificial intelligence (AI), machine learning (ML) and automation is rapidly pervading every facet of society. These technologies have undoubtedly shifted the paradigm and created quantum benefits, but malicious hackers have also taken advantage of them. Nation-state hackers from China, Iran, North Korea and Russia have ramped up their hacking activities since the onset of the COVID-19 pandemic, during which ransomware attacks against Western enterprises have been rampant.6 Today, the Russia–Ukraine War has produced a massive hotbed of malicious nation-state cybercriminals.
As a consequence, organizations must reevaluate their approaches to data security and networks. A lackadaisical, passive or reactive attitude can no longer be an acceptable option. Current risk levels have forced cybersecurity, once considered a responsibility of IT departments, to the forefront and it has been made a priority in C-suite and boardroom meetings. Proactive organizations are reallocating resources and budgets for cybersecurity and ensuring that their employees are well trained and kept abreast of the rapidly evolving threat landscape.
Malicious Cyberactors in the Remote Work Era
The COVID-19 pandemic necessitated a large-scale shift to remote working, which greatly enabled organizations to carry out their operations virtually. However, this also created a massive threat landscape. Malicious entities took advantage of weak networks and passwords to gain elevated administrative privileges, creating significant risk areas for organizations. Hackers use phishing tactics as attack vectors to get into networks and run unauthorized applications (apps) and software to gain access to critical data. The entity that controls one’s data also controls what one is capable of doing with their data.
Periodic monitoring of the network and taking inventory of authorized apps without interrupting business operations can significantly reduce risk and effectively consolidate the security posture of the enterprise.
Conclusion
The world is at an inflection point. There have been major conflicts since World War II (WWII), but references are now being made to a World War III. For the first time, a neutral country such as Switzerland is taking sides. It is ominous. Cybersecurity and risk management are being redefined. The current geopolitical shift will result in long-term risk profiles for enterprises. This dynamic requires a proactive approach to risk management that has a long-term view. We must be prepared for what emerges, take advantage of unknowns and control future risk factors.
Endnotes
1 Parent, M.; D. R. Beatty; “The Increase in Ransomware Attacks During the COVID-19 Pandemic May Lead to a New Internet,” The Conversation, 16 June 2021
2 Henderson, A.; “US/NATO Sanctions Against Russia Are Succeeding Beyond Their ‘Wildest Hopes’: Journalist,” AlterNet, 7 March 2022
3 Sieber, S.; “How Cutting Russia From SWIFT Will Change the Financial Landscape,” Forbes, 5 March 2022
4 Yale School of Management, New Haven, Connecticut, USA, “Almost 1,000 Companies Have Curtailed Operations in Russia—But Some Remain,” 16 May 2022
5 Cybersecurity & Infrastructure Security Agency, Infrastructure Security, USA
6 Carvin, S.; “Western Governments Confront the Growing Threat of Ransomware,” Centre for International Governance Innovation, 19 January 2022
Raymond Ito
Is the founder and chief information officer (CIO) of Glotef, a cybersecurity and risk management company that develops strategies for securing data, networks, infrastructure, critical assets and people.