Talion is a finalist for Best SIEM Solution

Talion is a finalist for Best SIEM Solution

Contact
Do Economic Sanctions Increase The Risk Of Cyber Attacks? - Talion

With the recent spotlight on economic sanctions against Russia, you may be questioning how this affects the susceptibility of countries falling victim to cyber-attacks around the world. What are the recent cyber-attacks businesses must be aware of, where do they originate from, and how can we know who is behind them?

 

What are economic sanctions?

Economic sanctions are presented as an alternative means of punishing a country without resorting to war. This is to encourage a country to change their unwanted actions, often residing when a country is deemed a perceived threat to the security of another, or the country treats its citizens unjustly. Sanctions most commonly manifest as commercial or financial penalties, such as restricting trade items or freezing assets.

 

What effect do economic sanctions have on cyber security?

Economic sanctions are often imposed on two types of audiences:

  1. Specific groups
  2. State Governments

 

1. The Lazarus Group

The Lazarus Group is a key example of sanctions against a specific group. Sanctions were imposed on a North-Korean malicious cyber group by the US Department of OFAC in 2019 due to malicious cyber activity on critical infrastructure. The intention was that this would prevent any future cyber-attacks from following, however there was a new wave of self-spreading cyber-attacks in 2020, infecting victims with sophisticated homegrown ransomware, dubbed ‘VHD’. It used credentials previously harvested from its victims, allowing the Lazarus Group to gain access to password-protected systems on their networks.

Could these economic sanctions have had the opposite effect?

 

 

2. Russian State Government

As of recent times, sanctions against State Governments and wealthy influencers have been more prevalent; the economic sanctions placed upon the Russian state government by the US, UK, EU, among others, has proven that imposing sanctions upon a whole nation has a wider impact; civilians are affected too. Outside of sanctions issued by governments against nation states are a form of sanction whereby organisations restrict the sale of their products. These ”tech sanctions” that American corporations have imposed to restrict Russia’s digital technology has caused brands such as Apple to completely shut down their stores, preventing anyone from purchasing items direct from the company.

Pair this with the economic fallout of government sanctions and individual citizens are squeezed into a place of pressure and tension by the punishment placed upon their country. Could this cause them to act out and drive the increase of cyber-attacks as a result? Does this lead to vigilante hacktivism in a similar vain to Anonymous targeting Russia, and do existing cyber-criminals become more motivated to carry out attacks against the West in response to economic pressure felt by their follow citizens?

 

Recent cyber-attacks to be aware of

Due to the pressure placed upon Russian individuals amidst the crisis, cyber warfare has hit a peak, as seen in the following events:

1)  DDoS attacks – on 23rd February 2022, before Putin mobilised into Ukraine, DDoS attacks infiltrated the websites of Ukraine’s Defense Ministry and one of its major commercial banks, PrivatBank, flooding the victim’s servers with connection requests.

2) HermeticWiper – on 24th February, a new data was unleashed against a number of Ukrainian entities, bypassing Windows security features and gaining access to many low-level data-structures on the disk.

3) Conti Ransomware – having pledged their alliance to Russia, Conti ransomware attacks have reportedly accelerated to more than 1,000 against US and international organisations, with notable attack vectors including Trickbot and Cobalt Strike.

4) Viasat Outage – unidentified hackers have reportedly disrupted broadband satellite internet access in Ukraine from Viasat’s KA-SAT, causing around 10,000 terminals across Europe to be knocked out.

 

The UK’s National Cyber Security Centre have said that organisations should “bolster their online protections [as] there has been a historical pattern of cyberattack on Ukraine with international consequences.”

 

 

How can we tell who is behind these cyber attacks?

 

“One of the difficulties with cyber instances is that there are blurry lines between private actors and government actors. It’s not always easy to tell who’s who. We can trace attacks back to a geographical location but actually knowing who is sitting on the other side of that keyboard or who they’re working for or who they’re being paid for is very difficult to know.”

– Madeline Carr, Professor of Global Politics and Cybersecurity at UCL says, on the BBC Sounds Episode

 

As a result, the NCSC are encouraging organisations to stay vigilant of the increase in cyber-attacks, especially in a time where sanctions are causing increased pressure on individuals in countries such as Russia, causing them to act out amongst the chaos.

Take a look at one of our most recent blog posts for guidance on what actions your business can take to reduce risk.

 

 
Watch demo video
We’re a tight-knit, highly skilled operation, so when a threat arises, we move quickly.
Talion
Watch demo video
We’re a tight-knit, highly skilled operation, so when a threat arises, we move quickly.
Talion
24x7x365 UK-based Security Operations Centre
Talion
Service underpinned by market leading threat intelligence team
Talion
Continually developed threat relevant content, backed by SLAs
Talion
MDR service has featured in the Gartner Magic Quadrant for 6 consecutive years
Talion
Experts in SIEM and SOAR technology
Talion
UK-based Senior Leadership
Looking to maximise value and flexibility?
Learn how Talion and DEVO partner to achieve this.
Discuss your cyber security needs
Contact us below and one of our team will be in touch to answer your questions.

Call us on 0800 048 5775

Call us directly and we’ll put you in touch with the most relevant cyber expert.

Get In Touch With Us

Not currently free to call? Give us a brief description of what you’re looking for by filling out our form and we’ll email you as soon as we can.