russian state-sponsored actors may increase the number and intensity of destructive cyberattacks and influence operations in Ukraine, Microsoft said in a new threat intelligence report.
Microsoft experts suggest that there are many indicators that the russians threat actors are increasing their efforts in the digital space and have been testing new types of ransomware that could be used to cause more destruction.
New attacks may be spread beyond Ukraine’s borders to disrupt the country’s supply chain.
"Should Russia suffer more setbacks on the battlefield, Russian actors may seek to expand their targeting of military and humanitarian supply chains by pursuing destructive attacks beyond Ukraine and Poland. These possible cyberattacks, should the last year’s pattern continue, may incorporate newer destructive malware variants as well," the report said.
Russian adversaries’ activity may include:
potential espionage activities that could target military and political information from other nations involved in supporting Ukraine
hack-and-leak operations that may target essential figures involved in Ukraine’s resistance efforts
To mitigate potential cyber risks ISSP experts advise businesses, in particular critical infrastructure, to follow these five basic recommendations:
Assess and define clear roles and responsibilities for personnel responsible for responding to cyber incidents.
Ensure that cybersecurity personnel monitor internal processes in IT/OT networks and can detect abnormal behaviour.
Create and execute a response plan to cyber incidents and ensure that OT networks can work securely even if the IT network is compromised.
Conduct regular data backups in IT and OT networks and ensure that backups are isolated from the internet and protected from malware.
Develop a clear password and account access management policy, regularly scan networks for malware, and use multi-factor authentication and up-to-date antivirus software.