https://urgentcomm.com/wp-content/themes/ucm_child/assets/images/logo/footer-new-logo.png
  • Home
  • News
  • Multimedia
    • Back
    • Multimedia
    • Video
    • Podcasts
    • Galleries
    • IWCE’s Video Showcase
    • IWCE 2022 Winter Showcase
    • IWCE 2023 Pre-event Guide
  • Commentary
    • Back
    • Commentary
    • Urgent Matters
    • View From The Top
    • All Things IWCE
    • Legal Matters
  • Resources
    • Back
    • Resources
    • Webinars
    • White Papers
    • Reprints & Reuse
  • IWCE
    • Back
    • IWCE
    • Conference
    • Special Events
    • Exhibitor Listings
    • Premier Partners
    • Floor Plan
    • Exhibiting Information
    • Register for IWCE
  • About Us
    • Back
    • About Us
    • Contact Us
    • Advertise
    • Terms of Service
    • Privacy Statement
    • Cookie Policy
  • Related Sites
    • Back
    • American City & County
    • IWCE
    • Light Reading
    • IOT World Today
    • Mission Critical Technologies
    • TU-Auto
  • In the field
    • Back
    • In the field
    • Broadband Push-to-X
    • Internet of Things
    • Project 25
    • Public-Safety Broadband/FirstNet
    • Virtual/Augmented Reality
    • Land Mobile Radio
    • Long Term Evolution (LTE)
    • Applications
    • Drones/Robots
    • IoT/Smart X
    • Software
    • Subscriber Devices
    • Video
  • Call Center/Command
    • Back
    • Call Center/Command
    • Artificial Intelligence
    • NG911
    • Alerting Systems
    • Analytics
    • Dispatch/Call-taking
    • Incident Command/Situational Awareness
    • Tracking, Monitoring & Control
  • Network Tech
    • Back
    • Network Tech
    • Interoperability
    • LMR 100
    • LMR 200
    • Backhaul
    • Deployables
    • Power
    • Tower & Site
    • Wireless Networks
    • Coverage/Interference
    • Security
    • System Design
    • System Installation
    • System Operation
    • Test & Measurement
  • Operations
    • Back
    • Operations
    • Critical Infrastructure
    • Enterprise
    • Federal Government/Military
    • Public Safety
    • State & Local Government
    • Training
  • Regulations
    • Back
    • Regulations
    • Narrowbanding
    • T-Band
    • Rebanding
    • TV White Spaces
    • None
    • Funding
    • Policy
    • Regional Coordination
    • Standards
  • Organizations
    • Back
    • Organizations
    • AASHTO
    • APCO
    • DHS
    • DMR Association
    • ETA
    • EWA
    • FCC
    • IWCE
    • NASEMSO
    • NATE
    • NXDN Forum
    • NENA
    • NIST/PSCR
    • NPSTC
    • NTIA/FirstNet
    • P25 TIG
    • TETRA + CCA
    • UTC
Urgent Communications
  • NEWSLETTER
  • Home
  • News
  • Multimedia
    • Back
    • Video
    • Podcasts
    • Omdia Crit Comms Circle Podcast
    • Galleries
    • IWCE’s Video Showcase
    • IWCE 2023 Pre-event Guide
    • IWCE 2022 Winter Showcase
  • Commentary
    • Back
    • All Things IWCE
    • Urgent Matters
    • View From The Top
    • Legal Matters
  • Resources
    • Back
    • Webinars
    • White Papers
    • Reprints & Reuse
    • UC eZines
    • Sponsored content
  • IWCE
    • Back
    • Conference
    • Why Attend
    • Exhibitor Listing
    • Floor Plan
    • Exhibiting Information
    • Join the Event Mailing List
  • About Us
    • Back
    • About Us
    • Contact Us
    • Advertise
    • Cookie Policy
    • Terms of Service
    • Privacy Statement
  • Related Sites
    • Back
    • American City & County
    • IWCE
    • Light Reading
    • IOT World Today
    • TU-Auto
  • newsletter
  • In the field
    • Back
    • Internet of Things
    • Broadband Push-to-X
    • Project 25
    • Public-Safety Broadband/FirstNet
    • Virtual/Augmented Reality
    • Land Mobile Radio
    • Long Term Evolution (LTE)
    • Applications
    • Drones/Robots
    • IoT/Smart X
    • Software
    • Subscriber Devices
    • Video
  • Call Center/Command
    • Back
    • Artificial Intelligence
    • NG911
    • Alerting Systems
    • Analytics
    • Dispatch/Call-taking
    • Incident Command/Situational Awareness
    • Tracking, Monitoring & Control
  • Network Tech
    • Back
    • Cybersecurity
    • Interoperability
    • LMR 100
    • LMR 200
    • Backhaul
    • Deployables
    • Power
    • Tower & Site
    • Wireless Networks
    • Coverage/Interference
    • Security
    • System Design
    • System Installation
    • System Operation
    • Test & Measurement
  • Operations
    • Back
    • Critical Infrastructure
    • Enterprise
    • Federal Government/Military
    • Public Safety
    • State & Local Government
    • Training
  • Regulations
    • Back
    • Narrowbanding
    • T-Band
    • Rebanding
    • TV White Spaces
    • None
    • Funding
    • Policy
    • Regional Coordination
    • Standards
  • Organizations
    • Back
    • AASHTO
    • APCO
    • DHS
    • DMR Association
    • ETA
    • EWA
    • FCC
    • IWCE
    • NASEMSO
    • NATE
    • NXDN Forum
    • NENA
    • NIST/PSCR
    • NPSTC
    • NTIA/FirstNet
    • P25 TIG
    • TETRA + CCA
    • UTC
acc.com

Cybersecurity


Partner content

7 steps to take right now to prepare for cyberattacks by Russia

7 steps to take right now to prepare for cyberattacks by Russia

  • Written by Jai Vijayan / Dark Reading
  • 27th February 2022

US-led sanctions on Russia for its invasion of Ukraine earlier this week have sparked considerable concern about retaliatory and spillover cyberattacks from the region on US organizations and those based in other allied nations.

Many expect the attacks to run the gamut from destructive campaigns involving the use of disk-wipers and ransomware, to distributed-denial-of-service attacks, phishing, disinformation, misinformation and influence campaigns. Security experts expect that some of the attacks will be targeted and executed by state-backed Russian threats. Others are likely going to launched by actors sympathetic to Russian interests, and yet others will likely just spill over from Ukraine and cause collateral damage in the same way that NotPetya malware did a few years ago.

Here are seven measures that security experts say organizations need to take right now to be prepared for these attacks. Most of the advice includes measures that organizations should have in place already. But if they don’t, now is a good time to implement them, say the experts.

1. Assess Your Exposure: Not Everyone Faces the Same Risks

Chester Wisniewski, principal research scientist at Sophos, says the exposure that organizations face to Russian cyberattacks varies significantly.

Companies that have done or are doing business in Ukraine should expect the worst and make sure that all their security controls are as up to date as possible. Monitoring for credential abuse is especially key. “You should expect communications to be unreliable and have backup plans for how to communicate via other means if you intend to continue operating during the conflict,” Wisniewski says.

The US Cybersecurity and Infrastructure Security Agency has recommended that organizations working with Ukrainian counterparts take special care to “monitor, inspect, and isolate traffic from those organizations” and to review access controls for that traffic. The advice is one in a long list of tips that CISA has assembled in a document called Shields Up.

There’s a reasonable chance of organizations that do business in the region, but not specifically Ukraine — such as Poland, Romania, Estonia, Latvia, Lithuania, or Moldova — becoming victims of collateral damage from attacks designed to impact Ukraine. Wisniewski points to indicators that Sophos observed Thursday of a disk-wiping malware tool called HermeticWiper impacting some contractor locations in Latvia and Lithuania although it was targeted at Ukrainian entities.

“I don’t expect Russia will directly target NATO members, but we saw similar fallout from the NotPetya attacks, which were intended to mostly impact Ukraine,” Wisniewski says.

Organizations with no connection to the region are at heightened risk of becoming victims of independent Russia-based threat actors looking to cause harm to the west and perceived enemies of the Russian state. “We were concerned about this outcome before the conflict began and noticed that the Conti ransomware group has come out and declared their ‘full support of the Russian government,'” Wisniewski says.

2. Minimize Your Attack Surface

Organizations should validate their security posture by looking for exposed network borders/DMZ using tools such as search.censys.io and shodan.io, says Matthew Warner, CTO and co-founder at Blumira.

It’s a good idea also to deploy Sysmon within the environment, Warner says. “Sysmon can provide broad visibility across your environment that you won’t get with default Windows logging. In that sense it essentially mimics what EDR is trying to do,” he says. However, organizations often can get good fidelity and detections by looking into Sysmon data. “Oftentimes Sysmon detects behaviors even before an endpoint detection and response (EDR) tool will,” Warner says.

Monitor outbound traffic for signs of malware on the network calling out to a command-and-control destination. Though nation-state malware can be extremely hard to spot, in most cases the malware has to communicate somehow, BreachRX said.

A week before the Russian invasion of Ukraine, the National Security Agency issued an advisory on the need for organizations to use strong password types to protect credentials in device configuration files on Cisco routers.

To read the complete article, visit Dark Reading.

 

 

 

Tags: Policy Alerting Systems Analytics Applications Critical Infrastructure Cybersecurity DHS Enterprise Federal Government/Military Incident Command/Situational Awareness News Public Safety Security Software State & Local Government System Operation Tracking, Monitoring & Control Training Partner content

Most Recent


  • Verizon
    Verizon, Axon demonstrate benefits of 5G network slicing to support public-safety video
    Verizon and Axon Enterprises this week announced a successful demonstration of 5G network slicing that allowed its network to sustain connectivity performance levels for mission-critical video through Axon Fleet 3 and Axon Respond services. Network slicing is one of the most-anticipated features of the 5G standard for the critical-communications industry, because it allows a network […]
  • Cyberattack closes emergency rooms in three states
    Ardent Health says it was the target of a cyberattack over Thanksgiving, in an incident that shut down the hospital operator’s emergency rooms in three states. The hospital operator, which oversees 30 hospitals in the U.S., said the attack was detected on the morning of Nov. 23 and was identified as a ransomware attack impacting […]
  • General Electric, DARPA hack claims raise national-security concerns
    General Electric and the Defense Advanced Research Projects Agency (DARPA) have reportedly been breached, according to claims on the Dark Web that the organizations’ highly sensitive stolen data is up for sale. A screen capture from the Dark Web ad shows a threat actor named IntelBroker selling access credentials, DARPA-related military information, SQL files, and more. GE confirmed to […]
  • More 2G and 3G shutdowns loom in the U.S.
    UScellular and Cellcom recently set dates to shutter their aging wireless networks. The smaller network operators are following in the footsteps of their bigger, nationwide rivals, which are making similar moves. On its website, UScellular said it would shutter its 3G CDMA network on January 14, 2024. “Major wireless carriers have already shut down their […]

Leave a comment Cancel reply

To leave a comment login with your Urgent Comms account:

Log in with your Urgent Comms account

Or alternatively provide your name, email address below:

Your email address will not be published. Required fields are marked *

Related Content

  • Researchers warn of stealthy Chinese backdoor targeting multiple foreign agencies
  • 7 steps to take right now to prepare for cyberattacks by Russia
    Newscan: Vulnerable U.S. electric grid facing threats from Russia and domestic terrorists
  • ITEC: Walt Magnussen, Joan Quintana outline features of upcoming Interoperability Institute
  • Fight over facial-recognition ban set to delay AI regulation in EU

Commentary


Land mobile radio (LMR) systems are just as vulnerable to cyberattacks as any other networks used in the public-safety sector. Here’s what to do about it.

  • 1
7th November 2023

September 3GPP Plenary meetings feature Release 18 progress, Release 19 beginnings

13th October 2023

Better technology can help solve the public-safety staffing crisis

26th June 2023
view all

Events


UC Ezines


IWCE 2019 Wrap Up

13th May 2019
view all

Twitter


Newsletter

Sign up for UrgentComm’s newsletters to receive regular news and information updates about Communications and Technology.

Expert Commentary

Learn from experts about the latest technology in automation, machine-learning, big data and cybersecurity.

Business Media

Find the latest videos and media from the market leaders.

Media Kit and Advertising

Want to reach our digital and print audiences? Learn more here.

DISCOVER MORE FROM INFORMA TECH

  • American City & County
  • IWCE
  • Light Reading
  • IOT World Today
  • Mission Critical Technologies
  • TU-Auto

WORKING WITH US

  • About Us
  • Contact Us
  • Events
  • Careers

FOLLOW Urgent Comms ON SOCIAL

  • Privacy
  • CCPA: “Do Not Sell My Data”
  • Cookie Policy
  • Terms
Copyright © 2023 Informa PLC. Informa PLC is registered in England and Wales with company number 8860726 whose registered and Head office is 5 Howick Place, London, SW1P 1WG.