https://urgentcomm.com/wp-content/themes/ucm_child/assets/images/logo/footer-new-logo.png
  • Home
  • News
  • Multimedia
    • Back
    • Multimedia
    • Video
    • Podcasts
    • Galleries
    • IWCE’s Video Showcase
    • Product Guides
  • Commentary
    • Back
    • Commentary
    • Urgent Matters
    • View From The Top
    • All Things IWCE
    • Legal Matters
  • Resources
    • Back
    • Resources
    • Webinars
    • White Papers
    • Reprints & Reuse
  • IWCE
    • Back
    • IWCE
    • Conference
    • Special Events
    • Exhibitor Listings
    • Premier Partners
    • Floor Plan
    • Exhibiting Information
    • Register for IWCE
  • About Us
    • Back
    • About Us
    • Contact Us
    • Advertise
    • Terms of Service
    • Privacy Statement
    • Cookie Policy
  • Related Sites
    • Back
    • American City & County
    • IWCE
    • Light Reading
    • IOT World Today
    • Mission Critical Technologies
    • TU-Auto
  • In the field
    • Back
    • In the field
    • Broadband Push-to-X
    • Internet of Things
    • Project 25
    • Public-Safety Broadband/FirstNet
    • Virtual/Augmented Reality
    • Land Mobile Radio
    • Long Term Evolution (LTE)
    • Applications
    • Drones/Robots
    • IoT/Smart X
    • Software
    • Subscriber Devices
    • Video
  • Call Center/Command
    • Back
    • Call Center/Command
    • Artificial Intelligence
    • NG911
    • Alerting Systems
    • Analytics
    • Dispatch/Call-taking
    • Incident Command/Situational Awareness
    • Tracking, Monitoring & Control
  • Network Tech
    • Back
    • Network Tech
    • Interoperability
    • LMR 100
    • LMR 200
    • Backhaul
    • Deployables
    • Power
    • Tower & Site
    • Wireless Networks
    • Coverage/Interference
    • Security
    • System Design
    • System Installation
    • System Operation
    • Test & Measurement
  • Operations
    • Back
    • Operations
    • Critical Infrastructure
    • Enterprise
    • Federal Government/Military
    • Public Safety
    • State & Local Government
    • Training
  • Regulations
    • Back
    • Regulations
    • Narrowbanding
    • T-Band
    • Rebanding
    • TV White Spaces
    • None
    • Funding
    • Policy
    • Regional Coordination
    • Standards
  • Organizations
    • Back
    • Organizations
    • AASHTO
    • APCO
    • DHS
    • DMR Association
    • ETA
    • EWA
    • FCC
    • IWCE
    • NASEMSO
    • NATE
    • NXDN Forum
    • NENA
    • NIST/PSCR
    • NPSTC
    • NTIA/FirstNet
    • P25 TIG
    • TETRA + CCA
    • UTC
Urgent Communications
  • NEWSLETTER
  • Home
  • News
  • Multimedia
    • Back
    • Video
    • Podcasts
    • Omdia Crit Comms Circle Podcast
    • Galleries
    • IWCE’s Video Showcase
    • Product Guides
  • Commentary
    • Back
    • All Things IWCE
    • Urgent Matters
    • View From The Top
    • Legal Matters
  • Resources
    • Back
    • Webinars
    • White Papers
    • Reprints & Reuse
    • UC eZines
    • Sponsored content
  • IWCE
    • Back
    • Conference
    • Why Attend
    • Exhibitor Listing
    • Floor Plan
    • Exhibiting Information
    • Join the Event Mailing List
  • About Us
    • Back
    • About Us
    • Contact Us
    • Advertise
    • Cookie Policy
    • Terms of Service
    • Privacy Statement
  • Related Sites
    • Back
    • American City & County
    • IWCE
    • Light Reading
    • IOT World Today
    • TU-Auto
  • newsletter
  • In the field
    • Back
    • Internet of Things
    • Broadband Push-to-X
    • Project 25
    • Public-Safety Broadband/FirstNet
    • Virtual/Augmented Reality
    • Land Mobile Radio
    • Long Term Evolution (LTE)
    • Applications
    • Drones/Robots
    • IoT/Smart X
    • Software
    • Subscriber Devices
    • Video
  • Call Center/Command
    • Back
    • Artificial Intelligence
    • NG911
    • Alerting Systems
    • Analytics
    • Dispatch/Call-taking
    • Incident Command/Situational Awareness
    • Tracking, Monitoring & Control
  • Network Tech
    • Back
    • Cybersecurity
    • Interoperability
    • LMR 100
    • LMR 200
    • Backhaul
    • Deployables
    • Power
    • Tower & Site
    • Wireless Networks
    • Coverage/Interference
    • Security
    • System Design
    • System Installation
    • System Operation
    • Test & Measurement
  • Operations
    • Back
    • Critical Infrastructure
    • Enterprise
    • Federal Government/Military
    • Public Safety
    • State & Local Government
    • Training
  • Regulations
    • Back
    • Narrowbanding
    • T-Band
    • Rebanding
    • TV White Spaces
    • None
    • Funding
    • Policy
    • Regional Coordination
    • Standards
  • Organizations
    • Back
    • AASHTO
    • APCO
    • DHS
    • DMR Association
    • ETA
    • EWA
    • FCC
    • IWCE
    • NASEMSO
    • NATE
    • NXDN Forum
    • NENA
    • NIST/PSCR
    • NPSTC
    • NTIA/FirstNet
    • P25 TIG
    • TETRA + CCA
    • UTC
acc.com

Cybersecurity


Partner content

7 steps to take right now to prepare for cyberattacks by Russia

7 steps to take right now to prepare for cyberattacks by Russia

  • Written by Jai Vijayan / Dark Reading
  • 27th February 2022

US-led sanctions on Russia for its invasion of Ukraine earlier this week have sparked considerable concern about retaliatory and spillover cyberattacks from the region on US organizations and those based in other allied nations.

Many expect the attacks to run the gamut from destructive campaigns involving the use of disk-wipers and ransomware, to distributed-denial-of-service attacks, phishing, disinformation, misinformation and influence campaigns. Security experts expect that some of the attacks will be targeted and executed by state-backed Russian threats. Others are likely going to launched by actors sympathetic to Russian interests, and yet others will likely just spill over from Ukraine and cause collateral damage in the same way that NotPetya malware did a few years ago.

Here are seven measures that security experts say organizations need to take right now to be prepared for these attacks. Most of the advice includes measures that organizations should have in place already. But if they don’t, now is a good time to implement them, say the experts.

1. Assess Your Exposure: Not Everyone Faces the Same Risks

Chester Wisniewski, principal research scientist at Sophos, says the exposure that organizations face to Russian cyberattacks varies significantly.

Companies that have done or are doing business in Ukraine should expect the worst and make sure that all their security controls are as up to date as possible. Monitoring for credential abuse is especially key. “You should expect communications to be unreliable and have backup plans for how to communicate via other means if you intend to continue operating during the conflict,” Wisniewski says.

The US Cybersecurity and Infrastructure Security Agency has recommended that organizations working with Ukrainian counterparts take special care to “monitor, inspect, and isolate traffic from those organizations” and to review access controls for that traffic. The advice is one in a long list of tips that CISA has assembled in a document called Shields Up.

There’s a reasonable chance of organizations that do business in the region, but not specifically Ukraine — such as Poland, Romania, Estonia, Latvia, Lithuania, or Moldova — becoming victims of collateral damage from attacks designed to impact Ukraine. Wisniewski points to indicators that Sophos observed Thursday of a disk-wiping malware tool called HermeticWiper impacting some contractor locations in Latvia and Lithuania although it was targeted at Ukrainian entities.

“I don’t expect Russia will directly target NATO members, but we saw similar fallout from the NotPetya attacks, which were intended to mostly impact Ukraine,” Wisniewski says.

Organizations with no connection to the region are at heightened risk of becoming victims of independent Russia-based threat actors looking to cause harm to the west and perceived enemies of the Russian state. “We were concerned about this outcome before the conflict began and noticed that the Conti ransomware group has come out and declared their ‘full support of the Russian government,'” Wisniewski says.

2. Minimize Your Attack Surface

Organizations should validate their security posture by looking for exposed network borders/DMZ using tools such as search.censys.io and shodan.io, says Matthew Warner, CTO and co-founder at Blumira.

It’s a good idea also to deploy Sysmon within the environment, Warner says. “Sysmon can provide broad visibility across your environment that you won’t get with default Windows logging. In that sense it essentially mimics what EDR is trying to do,” he says. However, organizations often can get good fidelity and detections by looking into Sysmon data. “Oftentimes Sysmon detects behaviors even before an endpoint detection and response (EDR) tool will,” Warner says.

Monitor outbound traffic for signs of malware on the network calling out to a command-and-control destination. Though nation-state malware can be extremely hard to spot, in most cases the malware has to communicate somehow, BreachRX said.

A week before the Russian invasion of Ukraine, the National Security Agency issued an advisory on the need for organizations to use strong password types to protect credentials in device configuration files on Cisco routers.

To read the complete article, visit Dark Reading.

 

 

 

Tags: Alerting Systems Analytics Applications Critical Infrastructure Cybersecurity DHS Enterprise Federal Government/Military Incident Command/Situational Awareness News Policy Public Safety Security Software State & Local Government System Operation Tracking, Monitoring & Control Training Partner content

Most Recent


  • AT&T becoming a “public-safety company” with FirstNet, NG911 work, exec says
    AT&T has long been one of the greatest consumer communications brands in the world, but the carrier is beginning to become “a public-safety company” through its first-responder-centric efforts in the development of FirstNet and next-generation 911 (NG911) networks, according to Scott Agnew, the new COO of AT&T’s FirstNet team. Two weeks ago, AT&T executives revealed […]
  • U.S. government plans to block all tech exports to Huawei–reports
    The Biden administration is weighing a plan to block the export of all US-sourced technologies to Huawei – the latest escalation in Washington’s years-long campaign to throttle the Chinese firm. The new bans, first reported by Financial Times (paywall applies), would likely fall most heavily on firms such as Intel and Qualcomm that sell Huawei server and […]
  • Command-injection bug in Cisco industrial gear opens devices to complete takeover
    A security vulnerability has been found in Cisco gear used in data centers, large enterprises, industrial factories, power plants, manufacturing centers, and smart city power grids that could allow cyberattackers unfettered access to these devices and broader networks. In a report published on Feb. 1, researchers from Trellix revealed the bug, one of two vulnerabilities discovered that […]
  • AR-based next-gen maps aim to rebalance detail and simplicity
    Every sat-nav user is familiar with the chagrin of missing their turn because the map’s lines and circles don’t resemble the real world. Yandex is blaming maps, not users, for these errors. At its annual conference in December, the company presented its re-designed maps boasting natural-looking 3D objects such as trees, bus stops, colored buildings, […]

Leave a comment Cancel reply

To leave a comment login with your Urgent Comms account:

Log in with your Urgent Comms account

Or alternatively provide your name, email address below:

Your email address will not be published. Required fields are marked *

Related Content

  • Researchers warn of stealthy Chinese backdoor targeting multiple foreign agencies
  • 7 steps to take right now to prepare for cyberattacks by Russia
    Newscan: Vulnerable U.S. electric grid facing threats from Russia and domestic terrorists
  • ITEC: Walt Magnussen, Joan Quintana outline features of upcoming Interoperability Institute
  • Fight over facial-recognition ban set to delay AI regulation in EU

Commentary


How 5G is making cities safer, smarter, and more efficient

26th January 2023

3GPP moves Release 18 freeze date to March 2024

18th January 2023

Do smart cities make safer cities?

  • 1
6th January 2023
view all

Events


UC Ezines


IWCE 2019 Wrap Up

13th May 2019
view all

Twitter


UrgentComm

AT&T becoming a “public-safety company” with FirstNet, NG911 work, exec says dlvr.it/Sj8FXL

9th February 2023
UrgentComm

Command-injection bug in Cisco industrial gear opens devices to complete takeover dlvr.it/Sj6X3l

8th February 2023
UrgentComm

AR-based next-gen maps aim to rebalance detail and simplicity dlvr.it/Sj4gdM

7th February 2023
UrgentComm

Vodafone UK starts ‘risky’ shift to 5G standalone dlvr.it/Sj4dPJ

7th February 2023
UrgentComm

ChatGPT may be fastest-growing app of all time, UBS Says dlvr.it/Sj4NfL

7th February 2023
UrgentComm

Public-safety coalition renews efforts to secure federal NG911 funding dlvr.it/ShwGfn

4th February 2023
UrgentComm

Newscan: Cyberattacks on DoE national labs draw lawmaker scrutiny dlvr.it/Shvpw3

3rd February 2023
UrgentComm

The shine begins to wear off 5G private wireless dlvr.it/Shth0P

3rd February 2023

Newsletter

Sign up for UrgentComm’s newsletters to receive regular news and information updates about Communications and Technology.

Expert Commentary

Learn from experts about the latest technology in automation, machine-learning, big data and cybersecurity.

Business Media

Find the latest videos and media from the market leaders.

Media Kit and Advertising

Want to reach our digital and print audiences? Learn more here.

DISCOVER MORE FROM INFORMA TECH

  • American City & County
  • IWCE
  • Light Reading
  • IOT World Today
  • Mission Critical Technologies
  • TU-Auto

WORKING WITH US

  • About Us
  • Contact Us
  • Events
  • Careers

FOLLOW Urgent Comms ON SOCIAL

  • Privacy
  • CCPA: “Do Not Sell My Data”
  • Cookie Policy
  • Terms
Copyright © 2023 Informa PLC. Informa PLC is registered in England and Wales with company number 8860726 whose registered and Head office is 5 Howick Place, London, SW1P 1WG.