Is your org preparing for Russian hacking as part of Ukrainian crisis?

Question

With the West now imposing sanctions, increased Russian originated cyberattacks are likely to follow. Are corporate and government security teams at DEFCON 3?

badrabbit · Accepted Answer

I work in infosec department. No we are not, well some are talking about it but that's just silly unless your company 's compromise and resulting loss of reputation somehow benefits the russians, you do business with US gov or have presence in Ukraine.This is interesting strategic intel but everyday is a day a Russian or some other therest actor is trying to hack us. We operate assuming a breach, if that isn't just b.s. corporate speak then not much has changed.

smoyer · Answer

I think they've already launched the most financially devastating attack imaginable for U.S. corporations - have you noticed that Slack is down?

samstave · Answer

I'm surprised that cyber-attacks are not as prevalent as one may expect these days...
Cyber-war is asymmetric and cheap. And our infra is weak.
Sure, there are walled moats in FAANG but not so much in social infra (power, banking, commerce, etc)
The biggest will be when one channel of general social discourse is fully taken down. Such as slack (commerce discourse) or reddit or FB (anything people generally communicate on)
HN going down will also be a bad thing, just because of the tech-heavy user-base HN users are.
@dang, how many registered users are on HN.
Regardless, whatever that number is - its a really big % of the overall tech population.

reincarnate0x14 · Answer

If you haven't been preparing for state-level attacks from Russia and PRC backed groups, you're already way, way behind the curve.
Case in point, in the Ukrainian blackout attack of 2014, a highly capable group had access and effective control over the SCADA at the control centers and substations for months before selling it to Russian agents who utilized it at their leisure.
If your org/team is waiting for the crisis, it's only luck protecting you.

nixgeek · Answer

It wasn&rsquo;t a surprise attack by Russia &mdash; its been a possibility for several weeks. Many large organizations have been preparing for every eventuality including the heightened risk of cyberattack, likelihood of sanctions, disruption to internet circuits in that area of the world, etc.

giantg2 · Answer

Nothing that I know of. Unless you're in the SOC, I doubt they'd tell us what they are doing.

samfather · Answer

Nothing's changed other than a lot more people are emotionally charged about the topic by media.