Could the Russia-Ukraine war trigger a global cyberwar?
On this episode of The Cybersecurity Insider podcast, host Yigal Behar grapples this critical question with his guest, Steve Magnani, an information security consultant boasting over three decades of experience in the field.
Join them as they unpack the potential cyber warfare implications of this war and what it means for individuals, businesses, and nations alike.
Increased Cyber Threats Amidst the Russia-Ukraine Conflict
Steve shares his concern about the increased cyber threats resulting from the Russia-Ukraine conflict. He specifically points out that Russia, a nation known for its involvement in the dark web and hacking activities, is likely to become more motivated due to the financial sanctions imposed upon them.
Yigal points out a recent rise in cryptocurrency value, questioning its link to the war. Steve suggests the conflict may be fueling interest in crypto, especially since its recent decline could incentivize ransomware attacks. This interplay between war, cryptocurrency, and cybersecurity threats becomes the core of their discussion.
Russia’s Shift Towards Cryptocurrency & Possible Consequences
Steve believes that Russia, due to the freezing of its financial assets in major international banks, is turning to cryptocurrency as an alternative. This increased demand is likely contributing to the recent surge in crypto value. However, Steve cautions against jumping into crypto investments, as its value could plummet if the world finds a way to restrict Russia’s access to it.
Yigal adds that Russia, anticipating financial restrictions, has likely prepared by accumulating hard assets like gold and silver for potential exchange.
He also mentions Russia’s collaboration with China and Iran to create an alternative financial system to reduce reliance on the West.
Russia’s need for access to funds could lead to increased cyber threats, including ransomware attacks. Yigal says, “So, probably they’re going to go cyber about it, and they’re going to launch more ransomware attacks [sic] can be one of them, and that will lead to an increase in the crypto, because how you’re going to be paid? You’re going to be paid by paying the ransom. So, I think we should expect the likelihood is very high that we’ll have more ransomware attacks coming, and this is something that has been going on.”
Heightened Cybersecurity Concerns
Yigal questions Steve about the recent focus on cybersecurity, wondering why the threat seems more significant now than before. Steve responds by mentioning the drop in Bitcoin prices, contrary to his initial expectation of a surge due to the global crisis. He attributes this decline to the overall decrease in market confidence and uncertainty about the future.
Steve then shifts the focus to the impact on businesses in NATO countries and the US. He predicts an increase in ransomware attacks orchestrated by Putin as a way to compensate for his diminished financial resources. He explains that Putin will leverage the dark web forces under his control to target businesses and extort ransoms.
Steve says NATO-associated and US businesses need heightened security to combat the anticipated rise in ransomware attacks.
Economic Impact of the Conflict on the US
Yigal questions Steve about the recent fluctuations in the market value of various currencies, gold, silver, and stocks due to the ongoing conflict. Steve observes that the stock market, which had been declining in the weeks leading up to the event, surprisingly rebounded after the invasion.
Yigal then points out the unusual recovery of the stock market despite the escalating conflict, with major companies like Apple, Starbucks, Tesla, Amazon, and Microsoft experiencing growth. He asks if this indicates a lack of concern about the war’s impact on the market.
Steve disagrees, stating that while the physical threat might not be immediate for Americans, the impact will eventually be felt.
Yigal recalls President Biden mentioning in a press conference that the conflict would have economic consequences for the US, particularly due to the import of oil from Russia. Steve counters that the US doesn’t necessarily need Russian oil and could increase its own production through drilling and fracking.
In this discussion, the economic ramifications of the conflict may include:
- US Energy Independence: Steve and Yigal discuss the potential for the US to become energy independent and a leading exporter of oil and gas.
- Europe’s Dependence on Russian Energy: European countries, especially Germany and France, heavily depend on Russian gas and oil, limiting their ability to oppose Russia’s actions.
- Rising Prices of Rare Earth Minerals and Uranium: Russia’s abundance of these materials and the conflict’s impact on their prices will lead to increased inflation.
- Impact on Consumers: Inflation will affect the costs of cars, airplanes, ships, and other end products, which can strain consumers’ finances.
- Further Inflation: The Federal Reserve’s interest rate hikes to curb inflation may further impact financial markets and individuals’ ability to finance major purchases.
- Rising Costs of Fuel and Food: The conflict will also drive up the costs of fuel and food, adding to the financial burden on the average person.
Impact on Cybersecurity Investment
Yigal raises concerns about the financial impact of the conflict on businesses. He suggests it might lead them to cut back on cybersecurity investments. Steve states that smaller businesses, in particular, may be hesitant to spend on cybersecurity for the first time due to rising costs.
Steve asserts that cybersecurity is not optional, especially for businesses dealing with sensitive data and financial transactions. He compares it to basic expenses like electricity bills, which is a necessity for protecting the entire technical ecosystem.
More Security Measures
Steve argues that due to the heightened threat of nation-state-enabled ransomware attacks, all businesses will be more vulnerable. He stresses the importance of enhanced security measures, including malware protection, monitoring, and control gaps, to mitigate these risks. Steve emphasizes that cybersecurity is no longer a “nice-to-have” but a mandatory requirement for businesses.
Yigal and Steve then discuss the types of cyber threats that could increase besides ransomware. Steve confirms that transformative attacks are also likely to increase due to the ongoing conflict, adding another layer of concern for businesses.
Vulnerability of Critical Infrastructure
Steve shifts the focus to the vulnerability of critical infrastructure, emphasizing the importance of securing essential systems like electricity, water, and gas. He expresses concern about the possibility of Putin targeting these systems in major cities as a form of retaliation. Yigal agrees, acknowledging the existing efforts to protect critical infrastructure but also pointing out the challenges of outdated systems and limited resources.
Steve uses the analogy of “sitting ducks” to describe the vulnerability of critical infrastructure due to outdated systems and financial constraints. “The people who are in that situation are literally sitting ducks,” he says.
Yigal then brings up the Colonial Pipeline incident as an example of the potential impact of attacks on critical infrastructure. He advocates for personal preparedness in addition to institutional efforts, recommending having backup resources like gas and water on hand.
They further discuss the various types of cyber threats expected to increase, including ransomware attacks, data leaks, and attacks on major cloud service providers like Microsoft, Google, and Amazon. These attacks could have a domino effect, disrupting services provided by these companies to other businesses and individuals.
He probes existing vulnerabilities within American systems, referencing the SolarWinds attack that compromised thousands of systems. He warns of potential “logic bombs” and backdoors already planted in systems just waiting to be activated, similar to a botnet.
Recommendations for SMB Cybersecurity
Yigal then transitions the discussion to focus on what small and medium-sized businesses (SMBs) should do to protect themselves. Steve suggests that businesses should bring in an information security expert to assess their IT systems and identify vulnerabilities. He emphasizes the importance of understanding the business’s operations, data flow, and technology infrastructure to create an effective security plan.
Steve suggests that businesses bring in an information security expert to conduct an assessment of their IT ecosystem and identify any vulnerabilities. Fixing these vulnerabilities should be done with a qualified team.
Yigal adds that businesses should regularly conduct risk assessments and check their backups. He stresses the importance of having a reliable backup system, both on-site and in the cloud, to ensure quick recovery in case of a disaster or ransomware attack.
Steve emphasizes the importance of increasing visibility into the network by monitoring logs, collecting events in a central location, and correlating even minor alerts. This can provide early warning signs of potential cyber threats. He also calls for the need to keep all software and systems updated to protect against known vulnerabilities and potential zero-day attacks.
Steve recommends changing access rights, removing unused accounts, enabling multi-factor authentication (MFA) for cloud services, and using strong, unique passwords for different accounts.
AI & Machine Learning in Cybersecurity
Steve brings up the increasing use of artificial intelligence (AI) and machine learning (ML) in cybersecurity tools to combat threats like phishing attacks. He explains how these technologies can isolate potential threats before they cause damage to the network.
While these tools might be expensive, Steve notes their value, considering that a majority of hacks and ransomware attacks originate from phishing emails.
He says there’s a need for multi-factor authentication (MFA), especially for businesses operating in the cloud, but agrees that even MFA can be compromised. He suggests exploring more methods like biometrics and behavioral authentication for improved security.
Steve hints at exciting developments in the works with tools that could make cybersecurity more manageable for businesses, though there’s the cost factor. He then shifts the focus to the dire consequences of inaction.
Yigal paints a vivid picture of a business falling victim to a ransomware attack:
- The financial burden of paying the ransom
- Reputational damage
- Loss of revenue
- the operational standstill as employees wait for a resolution.
Yigal specifies that the cost of recovery, stating, “Still, you need to pay salaries. Still, you need to call somebody to clean up the mess that you originally made by not doing anything. And then, probably the authorities will come after you because, hey, you didn’t do anything. You didn’t do your due diligence. Now it’s gonna cost you much more.”
Government Warnings
Yigal hopes that businesses will take measures to strengthen their cybersecurity, noting that some clients have already responded positively to his previous warnings. “They are counting on us to come and say, ‘Hey, you know, this is going on and you should be aware,’ right? They are busy managing their business, whatever it is. If the IT manager still needs to manage the system, the owner, the business owner needs to still look at sales and expenses.”
He adds, “But, yeah, so what’s the point hiring us? You will hire us in order to help you to see things that you can’t see, and you don’t have the time and you don’t have the capabilities. You know, anything can be in terms of capability, like the, um, the knowledge, the expertise, the experience, the process in place, the team, whatever it is. They don’t have it, so they’re not gonna build it from scratch. It’s gonna cost them a lot. So they’re counting on us to come and augment whatever they need. They’d still need to do the business, manage the business, but we come and help them to improve over time.”
Steve then talks about a recent note from the CISA (Cybersecurity and Infrastructure Security Agency), indicating that “you would be foolish—she used the word ‘foolish (ref)’—not to get your cyber security health and posture in place.” He predicts a surge in attack attempts and successful breaches within the next three months.
The conversation ends with both Steve and Yigal agreeing that the number of cyber attacks will likely increase and that the data will ultimately reveal the true impact of the conflict on cybersecurity.Stay ahead of the curve by tuning into The Cybersecurity Insider podcast. Available on platforms like YouTube, Apple Podcasts, and Spotify for convenient listening on the go or at home. Don’t miss out on this resource for protecting yourself and your organization in the digital space.
TheCybersecurityInsider Ep 28 Russia Vs. Ukraine War
Talking about the upcoming threats due to this war and how the financial markets can influence the common man but also how that will affect cybersecurity spending, affecting security posture.
#thecybersecurityinsider #2securecorp #yigalbehar #stevemagnani #cybersecurity #russia #ukraine #cyberthreats #ransomware
This time I’m hosting Steve Magnani.
TheCybersecurityInsider
Host: Yigal Behar
2Secure Corp
www.2secure.biz
