Russian Cyberattacks in the U.S. - What Small Businesses Can Do ?

cybersecurity small business smb threats Apr 14, 2022

What to Expect?

The United States has imposed stark, impactful economic sanctions on Russia because of Putin’s Act of War with Ukraine.  As such, a long-distant weapon of retaliation is the Russian Cyberattack, where Russian Cyber Gangs have long run unabated with support of the Russian regime.  With sophisticated attack methods, where the cyberattack is invoked in code at the click of a button, frequent and rapid cyberattacks should be anticipated. Given the automation levels embedded within the Russian attack vectors, we should prepare for constant attacks where “always-on” prevention methods are required. A February article in the Harvard Business Review predicts a likely Russian tactic to Western economic sanctions is a posture of aggressive cyberattacks on US and European targets. Only our consistent vigilance can prevent a damaging outcome.


The good news is that US Cyber resources have cracked into Russian hacker networks that are associated with Russian military intelligence.  A “learning experience” was the 2017 Not-Petya malware attack that initially targeted Ukrainian infrastructure, spreading out with a worldwide impact that hit supply chain companies FedEx, Merck and Maersk, resulting in billions in damages.  A Russian criminal cyber gang, known as DarkSide, was held responsible for the Colonial Pipeline ransomware attack that caused fuel shortages and forced a shutdown of that infrastructure on our shores.  Russia has cyberattack capabilities that are documented and known, so we track them daily.

In June of 2021, in a meeting between President Biden and Putin, Biden warned Putin that the US would bring to bear our own cyberwarfare offense operations if any critical US infrastructure was attacked.  Biden cited power plants that generated electricity, food and water supply systems, telecommunications infrastructure, supply chain entities, and health care infrastructure.  With our proactive surveillance of Russian cyberattack entities, the US has set a threshold for retaliatory action.  Our cyberattack capabilities could have a devastating impact on Russia, notice served!


Cyber Security Best Practices

There’s a famous scene in the movie the Hunt for Red October where the Admiral asks Jack Ryan what his plan is.  “Russian doesn’t take a dump without a plan son” were the words…. As such, YOU need a Plan.  You should have a set of plans in place, no matter what your business size is.  Small & Medium-sized businesses are particularly vulnerable, as the large companies have all the protection and plans in place, where the SMB market is dramatically under-prepared; without plans, a catastrophe could result that puts you out of business.  The statistics are that 81% of the SMB market was subject to a cyberattack in 2021.  22% of those attacked went out of business.

What to do

  1. Get a Cybersecurity Risk Assessment to capture your security gaps & vulnerabilities

  2. Conduct Cybersecurity Awareness Training for your employees
    • 9 out 10 breaches are caused by human error

  3. Create these Plans
    1. A Business Continuity Plan – Operations need to survive an attack
      1. Your Systems backup strategy will dictate recovery time
    2. A set of Incident Response Plans focused on Cyberattack Events
      1. Malware attack
      2. Ransomware attack
    3. TEST each plan with our Table-Top Exercise
      1. Validate each will function as designed

That’s it. 

Do this and you will get a level of security and protection that delivers the ability to survive an attack.  If you’re connected to the Internet, you are an attack vector that can be reached.

Call us, book an appointment on our website and we look forward to working with you.