As speculation grows about the possibility of major cyberattacks from nation-state adversaries, authorities are focusing on the need for proactive preparation across public and private sectors.
Speaking to CNN, the Cybersecurity and Infrastructure Security Agency Director Jen Easterly said the US government is making preparations in the face of a possible Russian cyberattack on US critical infrastructure and businesses.
The assumption, she said, should be that Russia is thinking about and preparing for disruptive cyber activity and that businesses and critical infrastructure organizations alike should consider themselves “vulnerable and at risk”.
“Malicious cyber activity is part of the Russian playbook”, she added, resulting in a range of risks from increased ransomware activity to disruptive retaliation against the punitive sanctions imposed by many countries.
The focus, however, should be on “preparation, not panic” and organizations all need to harden cyber defenses to improve vigilance. In these circumstances, the Director said, basics such as cyber hygiene are key given that 93% of successful attacks come from phishing emails.
The emphasis on preparation is being echoed elsewhere as authorities look to increase protection. For instance, institutions in the EU have been advised to do more to protect themselves against attacks as their interconnected networks “put them at greater risk”, according to a recent report by Reuters. In particular, the European Court of Auditors (ECA) cited issues including, “an inconsistent approach towards cybersecurity, the lack of cybersecurity good practices and inadequate funds and resources”.
At the same time, the European Commission (EC) has set out proposals for new regulations that will create cyber and information security measures that will be shared across the EU. And in the UK, new research has revealed that ransomware attacks have more than doubled in the past year, with the number of attacks reported to the Information Commissioner’s Office increasing from 326 in 2020 to 654 in 2021. The authors of the report recommend that businesses should invest in IT security software, not only to reduce the chance of an attack but to also demonstrate to insurers that they take cyber security seriously.
To learn more about how Glasswall helps organizations build a proactive defense against file-based cybersecurity threats, click here.