CLEVELAND — With the war in Ukraine, there's a lot of concern Russia could retaliate against U.S. sanctions or other support for Ukraine, with cyberattacks.
A former military man turned cybersecurity firm CEO, says we've seen significant output from Russia over the last few weeks.
"Not only in terms of attack quantity but in terms of what sectors or industries they're going after," said Andy Jones, CEO of Fortress SRM.
He says years ago, it was mostly about political destabilization.
"The whole idea was how does Russia influence our elections or the social fabric of our society, and turn American against American, ideology against ideology," he said.
Jones said that has shifted in recent years to become a critical infrastructure threat, including our energy sector, telecommunications, defense, and government facilities.
"Now what we're seeing is an effort to start to disrupt more businesses and supply chain effort because among other things, the businesses are the ones that are making some of the weapons that are used in Ukraine," said Jones. "So, anything they can do to disrupt that supply chain or to sow seeds of discontent, or misinformation - not only domestically here in the U.S. but between allies."
To protect against cyber threats, Jones said companies first need to look at their defense.
"How are your cyber defenses arrayed?," he asked. "Whether it's the use of multifactor authentication, the use of more advanced technologies like endpoint detection response, EDR, MDR, and XDR. The ability to leverage or manage SIM services or manage SIM tools for event correlation. Really, take a look at your organization as a whole and this cyber posture as a whole, and don't dismiss the idea of an insider threat. More and more we're seeing insider threat being a vector that the Russians are using to gain access to systems."
He says with governments and bad actors usually use the same techniques and technologies, whether it's an insider threat or direct attacks, or ransomware or malware.
"All of the same techniques are deployed they just add the additional layer, especially domestically in the United States, of political uncertainty," Jones said. "How do I create or sow seeds of dissent or seeds of doubt which either slows decisions or creates discord and the inability to come to a consensus and make a decision," he stated.
When it comes to the percentage of companies across the nation and here at home that are properly protected against these kinds of cyber threats, Jones said mostly none are properly protected outside government agencies.
Jones said on average it takes about 207 days to identify a breach. Then, on average it takes weeks to recover from a successful cyberattack. That is weeks without being able to produce or ship product, pay bills or employees. Worse yet, Jones said more than half of small manufacturers are insolvent within a year.
It is not just Russia that companies have to worry about. Jones said China uses cyberattacks to try and steal intellectual property and organized crime uses it as an easy way to get money.
Fortress provided some good tips for all of us to improve our cybersecurity.
Some of those tips include being wary of random, unexpected friend requests, follows or connections on social media like Facebook or LinkedIn. Use strong password phrases. Never take online quizzes, or use check-ins to share your location. Never use public wi-fi to make a purchase or provide personal information. Keep your antivirus updated and run the scan feature on your computer every couple of weeks.
Download the News 5 Cleveland app now for more stories from us, plus alerts on major news, the latest weather forecast, traffic information and much more. Download now on your Apple device here, and your Android device here.
You can also catch News 5 Cleveland on Roku, Apple TV, Amazon Fire TV, YouTube TV, DIRECTV NOW, Hulu Live and more. We're also on Amazon Alexa devices. Learn more about our streaming options here.