The CCB says it does not see a concrete cyber threat from Russia as a result of the invasion of Ukraine for now. The center does point out that it is a good idea for organizations to scrutinize their cyber resilience.
The Russian invasion of Ukraine worries Belgian organizations and companies. The Center for Cybersecurity Belgium notices this. The CCB wants to partially reassure organizations: there are currently no objective elements pointing to a concrete cyber threat against our country. However, an attack with an impact on Belgian companies can never be ruled out.
The CCB notes that an attack does not necessarily have to target our country to have an impact. NotPetya in 2017, for example, targeted the Ukrainian government agency, but ultimately struck businesses in our country as well. Furthermore, Russia does not shy away from using digital means to advance its interests. Belgium houses NATO headquarters, which causes concern.
Precautions
The CCB therefore advises organizations to strengthen their cybersecurity defenses. The center points out that this advice is not only valid now in light of the Russian threat, but applies year-round. Four tips should help companies get started.
- Work up a cyber emergency plan, update it if you already have one, and also test it on a regular basis. After all, employees need to know what their job is in the event of an incident.
- Have an up-to-date contact list that you also keep on paper.
- Consider help from an outside partner.
- Make sure your systems are up-to-date and make backups that you keep offline.
The tips cover the minimum in terms of preparations. Certainly the last one really should not be underestimated. After all, most attacks make use of known vulnerabilities. The slow patch regime of many companies ensures that the damage is still significant. An offline backup protects you from ransomware in case your entire infrastructure is cracked.
Russia has already(again) focused its cyber arsenal on Ukraine for now. DDoS attacks are crippling government services and new malware is attempting to bring systems to their final downfall by deleting data. It involves sophisticated malware that abuses legitimate drivers from EaseUS Partition Master and combines them with a genuine digital code certificate originating from a Cyprus-based company.