One in three businesses and one in four charities are regularly experiencing Russian cyberattacks since the start of the Ukrainian conflict.
In fact, Russian cyber threats are on the rise across the globe. Businesses are unsure when breaches will slow or stop with no end in sight for the conflict between Russia and Ukraine. Companies need to understand the challenges ahead of them and what they can do to prepare themselves for attacks on their data and infrastructure.
This blog will explore the cyber threat landscape and what you can do to minimize your risk.
What has caused the rise in Russian cyber threats?
While Russia has been using cyberattacks to affect large-scale government departments and local businesses for years, the start of the Ukrainian conflict has changed the cyber threat landscape.
Cybercrime is a critical element of modern warfare. While Russia is currently only invading Ukraine, it is also aware that the West is providing aid to Ukraine. In retaliation, Russia is using cyber threats to harm and destabilize foreign powers that pose a threat to its interests.
President Joe Biden warned against Russian cyberattacks at the start of 2022, stating that they might attempt to fight back against economic sanctions placed on Russia. With the rise in cyber threats, now is the time for not just the government but also businesses to shore up their defenses and evaluate their network security.
Also read: Prevent fake emails, social engineering, and fraudulent transfer business scams
What level of damage can businesses expect?
Though Russian cyber threats have been commonplace for years, they have the potential to significantly harm a company’s workers and bottom line more than ever.
One example is during the NotPeya malware attack of 2017—hackers infiltrated Ukrainian software systems that were in use across the globe. The international nature of the hack resulted in $10 billion in damages.
Another recent example was the SolarWinds hack, which resulted in 18,000 customers becoming vulnerable to hackers because of malicious code added to security firm FireEye. The hack was far-reaching, affecting Fortune 500 companies and multiple U.S. government agencies.
These are just a few prominent examples that made headlines. Massive organizations receive widespread media coverage, so it might seem like they are the only ones affected. However, smaller businesses are at a higher risk of cyberattacks. No company is safe from malware, and all need to invest in training and protection—especially now.
Also read: Remote Access Security for CPAs and Accountants
The path forward
To adequately manage Russian cyber threats, businesses must prepare for a long-term process requiring sustained strategic investment.
Many cyber vulnerabilities begin with employee activity. Employees must know how to identify attacks and understand the correct steps to take if an incident occurs. The Cybersecurity and Infrastructure Security Agency’s (CISA) Shields Up guidance is a great place to start. Businesses should educate their employees and leadership teams about CISA’s recommended actions, including:
- How to reduce the likelihood of a damaging cyber intrusion
- Which steps to follow for rapid detection
- How to prepare the organization to respond
- How to maximize the organization’s resilience
Additionally, businesses should follow best practices that help protect against cyberattacks by creating a culture of cyber readiness. Your staff should receive regular training to best understand their role in cybersecurity, regardless of technical expertise. They should learn about common risks that affect businesses, like phishing and business email compromise.
There is also a checklist that businesses can follow to assess their readiness, including:
- Ensuring automatic updates are enabled for all operating systems and third-party software
- Removing unsupported or unauthorized hardware and software
- Enabling email and web browser security settings
- Creating application integrity and allowing list policies
- Implementing multi-factor authentication for all network users
- Ensuring all passwords are unique across all accounts
Also read: Accountants and Law Enforcement Collaboration Can Help Fight Cyberattacks
What role does insurance play?
There is no level of preparation that defends against all Russian cyber threats. The technology landscape is constantly changing, and companies are vulnerable to new and unseen cyberattacks.
That’s why businesses need contingency plans such as cyber insurance coverage, which is crucial to reducing cyber threats. It allows companies to shift the risk to the insurer. There are also types of insurance that will cover the costs of essential services, including investigators, legal assistance, crisis communicators, and customer credits or refunds. These can be invaluable in the case of a cyberattack.
Insurance coverage aims to reduce the immense financial burden caused by Russian cyber threats. Comprehensive coverage can enable businesses to mitigate severe financial damage and ensure their company isn’t crippled or permanently affected by a sudden attack.
Also read: How Cyber Insurance Protects CPAs
Evaluating insurance policies
For many organizations, finding the right insurance policy is about having confidence that it will cover their needs in a crisis. A common concern is whether insurance policies cover Russian cyber threats. Many terrorism policies exclude “acts of war,” and it’s unclear if cyberattacks fall under that category as its definition continues to evolve. When companies wrongly assume their policies cover cyber warfare, they risk drawn-out and expensive legal battles and potentially catastrophic data leaks. Instead, businesses need to be sure their insurance policy completely protects them.
Make sure your insurance coverage is right for you
With potential risks growing more complex every day, organizations need support in finding the ideal coverage for their needs.
McGowan PRO provides comprehensive coverage options at reasonable premiums. It allows you to shop your application to multiple carriers to provide you with a selection of premiums and coverage options. This enables you to find insurance that meets your firmfirm’scific needs. McGowan PRO’s Information Security & Data Privacy Liability Insurance offers industry-leading coverages to help protect you against cybercrime and its devastating impacts.
When businesses are confident in their insurance coverage, they can take chances on innovative solutions and operate without reservations. Contact us to learn more or ask for a quote.