Man vs Skill: Russia’s Increased Volume Of Cyber Attacks - Talion

The world’s most potent and active cyber adversary lurking in the shadows…

2021 and 2022 have made a name for themselves in cyber security. Not only was the shift to remote working during the pandemic a major factor in increasing security risk and disruption to businesses, but there is now also the threat of Russia, the world’s most potent and active cyber adversary, lurking in the shadows.

 

The #1 method of cyber-attack

The current conflict has seen Russia turn to purely destructive attack methods. Distributed denial-of-service (DDoS) attacks, where targeted websites are overwhelmed with fake traffic, and malware wipers, where data is erased irretrievably, are currently the favoured methods.

It seems low-level Russian affiliates have stepped up to carry out these destructive attacks, while skilled affiliates have been set aside to focus on more strategic and targeted attacks, such as uncovering government agency plans and targeting critical infrastructure.

It’s clear that Russia is utilising a high number of people, regardless of skillset, to maximise power.

 


What are our Threat Intelligence team saying?

Ransomware is still making a mark.

In these destructive attacks, ransomware has been used as a decoy. The operators of notorious Russian strains, such as Conti, have pledged their allegiance to Russia, despite the leak of 1TB of their internal chat logs and the potential release of a decryption key.

Undoubtedly, the most concerning change is the shift to destructive attack methods and their potential to spill over borders, whether purposefully (due to the sanctions imposed on Russia by the UK, EU and US) or accidentally. Organisations, no matter where they are located, could be at serious risk.


What action can your business take today to minimise risk?

Safety starts with vigilance, and employers must be prepared to question and evaluate what security practices are and are not working for them, whether that involves prioritising cyber security work in the short term or offering temporary defence boosts.

Key actions to take:

  • Verify employee passwords – are they unique within the business?
  • Implement Multi-Factor Authentication (MFA) across your organisation
  • Review user permissions – ensure unnecessary privileged access is removed from accounts, including leavers
  • Educate employees – make sure they know how to escalate suspicious activity, such as phishing emails
  • Review the location of your logs – keep them for at least one month
  • Prioritise patching of all users’ desktops, laptops, mobiles and key business systems
  • Make regular backups – this is imperative to your organisation’s recovery if compromised
  • Be ready – ensure your disaster recovery plans are up to date and that everyone within your organisation knows their role during an intrusion

 


“The geopolitical position in the world is creating stress and concern for organisations and individuals alike, and it’s difficult not to let that cloud our focus. However, we must not only stay vigilant of the cyber-risks posed by nation-state threat actors like Russia, but also of the everyday struggles that weaken the strength of staff in companies. Recruiting and keeping good security staff is a huge problem that is increasing the opportunities for success by cyber criminals. This blog is a step forward in helping businesses like yours take action and ensure resiliency during these unpredictable times.”

 – Mike Brown, CEO at Talion

 

For more insight into how you, as a company, can make important investments in your security posture, read our article on DDoS Attacks & Malware: Remediation Guidance Is Critical.

 
Filed in Blog, by Talion.