Organizations Urged To Immediately Strengthen Cybersecurity Defences Against Potential Russian-Backed Cyber Attacks

On February 24, 2022, Russian forces initiated a series of deadly attacks on Ukrainian cities, resulting in an ongoing military conflict. Preceding these physical attacks were a number of cybersecurity attacks directed at Ukrainian organizations and infrastructure, which have occupied a growing role in the Russian military playbook both in Ukraine and in other countries. Western governments have imposed a suite of economic sanctions against Russia as a result of the physical attack on Ukraine.

On March 21, 2022, U.S. President Joe Biden warned that Russian-backed hacking groups could attempt to retaliate against these western sanctions by undertaking a campaign of cybersecurity attacks against western organizations. "One of the tools [Putin is] most likely to use ... is cyber attacks," noted President Biden. Citing U.S. intelligence leads, the President cautioned that the "magnitude of Russia's cyber capacity is fairly consequential and it's coming," and urged organizations to "harden your cybersecurity defences immediately."

All organizations should take immediate proactive measures to review their cyber preparedness with a view to identifying information security weaknesses and hardening their defences. Depending on the IT environment of the organization, these steps may include reviewing and updating privacy, password, patching and other policies, reviewing customer and supplier agreements for requirements related to information security, and preparing a data map to understand what types of data are stored by the organization and where (i.e., on what systems). While no protective measures will prevent 100 per cent of cyber attacks, often a little attention can go a long way towards mitigating damage to one's business.

In addition to hardening one's own defences, organizations should also pay attention to the information security and cybersecurity posture of the organizations in its supply chain, as attacks can rapidly propagate from one organization's environment to another. In other words, an attack may  spread from a trusted partner that was  the initial target of the attack. In many cases, the initial point of entry of malware comes in the form of an email from a trusted source.

Information and cybersecurity risks are not simply a concern for an organization's IT department; they are part of an organization's overall risk strategy, and should be evaluated and managed by its leadership team and not solely by its IT department.

For permission to reprint articles, please contact the Blakes Marketing Department.

© 2020 Blake, Cassels & Graydon LLP.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.