Published on the 01/03/2022 | Written by Heather Wright
And Ukraine backers hit back…
New Zealand and Australian businesses are being warned to be extra vigilant with their cybersecurity with cyber security agencies in both countries issuing warnings in the wake of Russia’s invasion of Ukraine and a bombardment of cyberattacks as part of the conflict.
Both the Australian Cyber Security Centre and New Zealand’s National Cyber Security Centre say the conflict brings with it heightened risk for organisations here through ‘unintended disruption or unconfined malicious cyber activities’, though the Australian Cyber Security Centre says it’s not aware of any specific direct threat to Australia.
It wouldn’t be the first time other countries have been caught up in the fallout of Russia’s ongoing conflict with Ukraine. New Zealand and Australian organisations were among those affected by the NotPetya attack in 2017.
“We continue to fight on the cyber front.”
The Russian attack, which was targeting the Ukraine, took down organisations around the globe including Cadbury’s chocolate factory in Hobart and Maersk, affecting both Ports of Auckland and Tauranga, and law firm DLA Piper, and caused an estimated US$10 billion in damages.
Last year’s SolarWinds hack was also blamed on Russian foreign intelligence services.
The Ukraine has been the focus of numerous – and escalating – cyber attacks attributed to Russia.
Cyber skirmishes have already broken out, with Ukrainian government systems and banks attacked in recent weeks.
Security agencies around the world have been warning that the WhisperGate wiper malware, said to be part of Russia’s offensive unleashed to attack Ukraine organisations, could spill over to other countries.
Rather than encrypting files, Whispergate is intended to destroy system master boot records.
Last week also saw the HermeticWiper attack, which prevents computers from rebooting, against the Ukraine.
Supporters of the Ukraine, including hacktivists Anonymous who have ‘officially’ declared cyberwar against the Russian government, have been quick to fire back with cyberattacks of their own since Russia invaded on February 24. Russian news organisations were knocked offline on Monday along with some government websites, including reportedly the Kremlin, while Russian TV stations were hacked to play Ukrainian music, including patriotic songs, and pro-Ukraine content.
The Ukraine government too, is reportedly arming itself on the cyber-front, calling for hacker volunteers to protect critical infrastructure and conduct spying missions.
Ukraine vice-Prime Minister and minister of digital transformation Mykhailo Fedorov said on Twitter the country was ‘creating an IT army’.
“We continue to fight on the cyber front.”
United States and European Union regulators warned banks in early February to prepare for Russian-sponsored cyber attacks, with Britains Financial Conduct Authority contacting financial companies about similar British warnings.
Australasian cybersecurity company CyberCX says “There is a real chance that destructive attacks against Ukrainian or NATO targets could ‘spill over’ to affect Australian and New Zealand organisations. This risk is elevated for regional organisations with a large global footprint, particularly those with operations in NATO countries or Ukraine.”
There are also concerns about further supply chain disruption. The White House recently warned about potential chip issues given US chip maker’s reliance on Ukrainian-sourced neon. Russia too exports elements used in the manufacturing of a range of products, including palladium used in the automotive sector, electronics and medicine. Boeing, meanwhile, which relies heavily on Russian titanium, has said it’s ‘protected for quite a while, but not forever’.
Aussie NDBs
The Russia-Ukraine threat comes as Australia reports a six percent increase in data breaches for the second half of 2021 – but a decline in malicious attacks which were down nine percent. They still account for 55 percent of the 464 reported breaches, but it’s human error which is raising concerns.
Breaches caused by human error were up 43 percent to 190, prompting Angelene Falk, Australian Information Commissioner and Privacy Commissioner, to urge organisations to put accountability at the centre of information handling practices.
Falk says after four years of the Notifiable Data Breaches scheme, organisations are expected to have strong accountability measures in place to prevent and manage data breaches.
Of the 464 breaches notified, 147 affected just one person. One breach, on the other hand affected between one million and 10 million.
The health sector reported the most breaches – 18 percent – followed by finance (12 percent).
ACSC advice
As to what to do on the Russian front, the Australian Cyber Security Centre says organisations need to ‘urgently adopt an enhanced security posture’.
This should include reviewing and enhancing detection, mitigation and response measures.
“Organisations should ensure that logging and detection systems in their environment are fully updated and functioning and apply additional monitoring of their networks where required,” it says.
Organisations should also assess their preparedness to respond to incidents and review incident response and business continuity plans.
