On Russia and Ukraine: Don't Delay - Start Patching Today!

Russia has been forward-staging assets for well over a year in anticipation of launching a far-reaching cyber-attack against the United States. The increasing tensions over Ukraine could lead to Russia leveraging these assets as a way of exerting force against the United States. Don’t just take my word for it; look at the US government's recent warning and Russia's well-documented recent history.

If you aren’t familiar with them, check out the details behind the Russia-led SolarWinds attack that was first detected a little over a year and a half ago, and the Russia-led attacks leveraging Kaseya. Combined with recent issues such as Log4j/Log4Shell, the Russian military has had ample opportunity to embed itself not only in the United States' critical infrastructure, but also throughout our supply chain. But they won’t stop there; individual/home devices can serve as remote bots that help spread malware and increase the severity of an attack. This means that every Internet-connected device is a target.

At a time when we’re already experiencing significant supply chain disruption, ransomware attacks that shut down government computer systems for weeks and months (see 2019 when Baltimore was completely shut down for 6 weeks), or attacks on our power grid, fuel distribution, and even drinking water and waste water systems could be crippling to our entire nation. The nation is already on the edge, and an attack now could cause economic and social damage that would last for many years.

As we see in Ukraine (already this year and over the past few years), Russia is perfectly willing to play any and all of its cards when it wants to. It appears that Russia has its sights set squarely on invading Ukraine, and it would not be surprising for Russia to launch a cyber-attack against the US as a distraction/message to mind our own business. The only question is, how big of a message will they try to send?

This is a serious threat and individuals and organizations of all sizes and types need to start taking action. Yes, you read that right...this isn't just a business problem; cybersecurity starts with us as citizens and individuals. By following 7 simple steps you can significantly increase your own personal cybersecurity (which increases our collective cybersecurity more than you may realize).

PLEASE take a few minutes over the next few days to make sure:

  1. your home computers, phones, tablets, etc. are running the latest versions of all of the software (including Windows/Mac OS/iOS/Android, your browsers, etc.);
  2. you have uninstalled any software you don’t need;
  3. you have enabled some sort of antivirus and firewall software on your computers (Microsoft Defender and Windows Firewall are decent and both free; see "Microsoft Defender Antivirus Review | PCMag"; there are other excellent options out there, too);
  4. your computer equipment, including phones/tablets, is rebooted at least once a week (there is malware that only hangs out in memory, and rebooting will help wipe it);
  5. you are VERY cautious about all E-mails you open (don’t open attachments, even from friends, unless you are truly expecting them) and the websites you visit (many sites aren’t well maintained, and the criminals/nation state actors can embed malware on those sites);
  6. you use a unique password on every site (that is, don't use your work password as your Netflix password, or your Amazon.com password as your QuickBooks password); there are some great password managers out there, and now is the time to start using them; and,
  7. multifactor authentication is enabled on every account that supports it. Yes, MFA slows you down. It also slows down, and can help stop, the bad guys.

If you’re a manager or own a business, please:

  1. make sure your work computers are also properly updated with the latest patches for your operating systems and all software;
  2. if you have the budget, run a vulnerability scan now and patch everything you can (yes, this is a bit redundant with #1, but the scanner can help catch things you've missed);
  3. if you have even more budget, add network monitoring software like Carbon Black, FireEye, or Cylance, and make sure someone is paying close attention to the results; and,
  4. talk to your employees and help them understand the dangers we’re facing (we all need to stay diligent) and that they should be doing, at a minimum, the 7 steps outlined above.

While taking these steps doesn’t guarantee you’ll kick the bad guys out if they are already in your systems, the steps make it significantly harder for the bad guys to move from an infected system to something you control. And that’s a good start.

I don’t do cyber consulting for a living anymore. But if your business needs help, please reach out to me and I will try to help or put you in touch with people who can help. We’re at a critical time, and the cumulative consequences of even a small handful of issues could be devastating to our economy and national security. Please take a few minutes to help ensure we stay safe.

Greg McVerry

Fooling with Words and Identities

3 years ago

Even more simple. Your Natural Disaster Recovery Plan... Like when a pipe bursts over the weekend and your computer science department is in the basement. Patching roofs and patching software. Everyone does cybersecurity now. This is such a great post. Gonna finish reading. My computer keeps giving me this annoying update now message I gotta keep canceling out.

More articles by James Goepel

  • CMMC 2.0 Scoping Guides Deep-dive

    In a recent LinkedIn post, the ever-diligent Matt Titcomb asked my opinion on three separate but related questions…