The Ukraine-Russia conflict is making a widespread impact on global cybersecurity. With an onslaught of cyberattacks and hacker groups taking sides, the cyberwar has already begun.Â
In this video, Toolbox spoke to Allen McNaughtonOpens a new window , director of systems engineering, Infoblox to understand what impact the Ukraine-Russia conflict has had on global cybersecurity and what the tech community should do to mitigate the risks of this cyberwar.
Key Takeaways How To Protect Data Amid a Global Cyberwar:
- Train your people as phishing remains the number one cyberattack factor
- Get an in-depth defense architecture to secure remote users
- Prevent users from going to malicious site with the help of domain name system
Read the full transcript of our conversation with Allen McNaughton here:
0:12Opens a new window  – What impact has the Russia-Ukraine conflict had on cybersecurity protocol across the globe?
Allen: The Ukraine-Russia conflict has highlighted issues and challenges in both the physical world and the cyber world. And, and we’re really seeing this as people start to take sides. So if you look at Anonymous, a hacker group, they came out and said that they’re going to start going after Russian assets. And with any conflict, there’s always collateral damage.
“So as we go through this Ukraine-Russia conflict, we don’t really know what the scope is going to be and how far this is going to reach. But overall, we all have to remain vigilant as this continues to unfold, both in the physical world and in the cyber world.â€
See More:Â Destructive Malware That Hit Ukraine Can Target U.S. And U.K. Organizations, Warns Microsoft
0:53Opens a new window – How should American businesses and organizations prepare for cyber attacks escalating from the current crisis?
Allen: Everybody knows that Russia invaded Ukraine. But this is the first time we’re seeing a cyberwar on a global scale where that’s causing cyber actors to pick sides. And we’ve never really seen people rally to either side like this before. And this really just serves as a reminder that we should always be vigilant.
“Cyberattacks can happen at any time and this is really just showing the spotlight on it. One of the things to really consider whether you want to hear it or not, is that bad actors, nations, states most likely are already into our critical infrastructure. And frankly, we’re probably already into theirs.â€
So wouldn’t it be great if we got ahead of the curve and found out where they were within our critical industry and got them out of it? Speaking of critical infrastructure, there was just an attack over the weekend in Russia, some hackers got in and they started turning the power on and off in a city and they recorded it and they put it out on Twitter.
So these things are very real and we’ve just got to remain vigilant. We’ve gotta get out in front of it and focus on our defensive tackle and root out the bad actors as they come into our networks.
See More: Russia’s Takedown of REvil Sends Shock Waves Across the Cybercriminal Community
2:20Opens a new window  – What should the tech community do to mitigate significant risk, ensure operational resilience, and avoid supply chain disruption?
Allen: One of the ways to remain vigilant is to get out in front of things that are self-inflicted wounds such as default passwords. You’ll make sure you’re not using those while securing your network. I wish I could come out and say that there was a silver bullet when it comes to the cyber world or security, but there just isn’t. You gotta take it in layers.
And the first thing is to focus on your people. Phishing still remains the number one attack factor into a network. So training your people, helping them to prevent phishing attacks would be number one.Â
“Number two is looking at a defense in depth. When you start thinking about it, well, I’ve got a VPN to protect my remote users. And, VPNs are great at encrypting data, but they don’t necessarily secure your remote users. So, taking a look at that and having an in-depth defense architecture is critical. Protect your users, whether they’re there on net or off now.â€Â
And, the third is controlling where your users go. Domain Name System (DNS) is a great way to do that. Preventing them from particularly potentially going to malicious sites or keeping them off of social media and things like that when they’re on corporate assets.Â
So, being able to leverage all of those different things will help you remain more vigilant. You’ve got to look at that defense architecture in-depth because there’s really no single way to help solve all of your cybersecurity issues.
How do you plan to protect critical business data amid the ongoing Ukraine-Russia conflict? Tell us on LinkedInOpens a new window , TwitterOpens a new window , or FacebookOpens a new window . We would love to hear from you!Â
MORE ON UKRAINE RUSSIA CYBERWAR:
- 5 CISO Approved Security Best Practices Amid Russia-Ukraine Conflict
- Chinese and Belarusians Join Russian Hackers in Attacks on Ukrainian and EU Agencies
- Ukraine-Russia Crisis: Hacker Groups Take Sides As the Crisis Escalates
- Ukrainian Government Sites Bombarded with DDoS and Data Wiping Malware Attacks
- Ukraine-Russia Conflict: Can Russia Unplug Itself From the Global Internet?