The ongoing invasion of the Ukraine has raised concerns about an increase in cyber attacks around the world. And most probably, these concerns are justified – but what can business and individuals expect, who will be the top targets and what are the attackers after? We spoke with Morten Kjaersgaard, CEO of Helmdal Security, to give us his opinion on cyber attacks related to the Ukrain war and how it impacts global cybersecurity.
Cyber Protection Magazine: Which types of cyberattacks are most frequent in these times of conflict at the “gates of Europe”?
Morten Kjaersgaard: There are two directions here – one is warfare cyberattacks, hitting country intelligence streams, major institutions and critical large enterprises with attacks like ransomware, malware, DDoS, and the other being petty online scams and phishing attempts, from hackers taking advantage of the situation by targeting ordinary people. The Russian invasion on Ukraine will raise new and severe cybersecurity risks all around the world.
Cyber Protection Magazine: Who do you think will be the main targets of cybercriminals in this new warfare?
Morten Kjaersgaard: In my opinion, there are three main paths here.
To begin with, there is little doubt that both the EU and the US, as well as Russia, will seek intelligence on what the other party is thinking and doing. As a result, state actors will seek to breach individual country intelligence channels in order obtain crucial insights into what the opposition knows about their actions.
Second, it is obvious that Russia, in particular, requires a means of funding the war. As a result, all businesses in the United States and Europe are unfortunately potential targets for financial extortion or financial fraud.
Finally, there is the infrastructure approach, in which actors on both sides may seek to slow each other down by jeopardizing the other party’s IT infrastructure, so attacks can also be state-targeted and large enterprise-oriented when these organizations are essential to a country.
Cyber Protection Magazine: Do you think cyberattacks, which have become a part of contemporary warfare, may have a direct and conclusive impact on the battlefield?
Morten Kjaersgaard: There is no doubt that cyber warfare may have a direct influence on limiting ground progress, thus it is becoming an integral aspect of war planning. As you can assume, it would be quite difficult to get an airplane off the ground if the control systems were not functioning properly, and it would also be challenging to communicate quickly if your infrastructure was not running at full capacity.
Cyber Protection Magazine: How has the cybersecurity market evolved since Russia started this war?
Morten Kjaersgaard: On the whole, we are witnessing an increase in cybersecurity spending across the board. Governments in the EU and the United States are rightly pushing for greater security measures at the state, municipal, but also private levels. The current security scenario is dire and necessitates significant investment and redesign, as IT security is not always prioritized when budgets are established.
Cyber Protection Magazine: What cybersecurity strategies do you advise businesses to adopt in this period? What do you think should be their number 1 priority? What about individuals’ cybersecurity?
Morten Kjaersgaard: It is obvious that businesses must quickly strengthen their levels of protection. The number of attacks has increased and is forecasted to grow. IT departments across Europe are under greater strain, and cybercrime, if perpetrated by a state actor, can also be used to finance a state. As a result, they must strive to close as many attack entry points as possible, covering patch management, privileged access management, DNS protection, and, most importantly, ransomware encryption prevention.
Other personnel-related key actions would be: enabling multi-factor authentication, adopting strong passwords, and training staff, as phishing is still one of the most common attack vectors, even for advanced adversaries.
Individuals must be on the watch for fraud and phishing, which are currently the most common methods of attack. It can be difficult to detect and almost impossible to prevent, but proper cybersecurity awareness and understanding can undoubtedly help a lot. They can find lots of free resources online.