Ep 3: Ukraine Cyberwar is very real. Do you need to worry?
Episode 3 became necessary after I was asked at least a dozen times how to prepare for the potential of a cyberattack resulting from the war in Ukraine. I wasn’t going to podcast about the war as it is already receiving a lot of attention from mainstream media. I decided to do this to have a resource for people asking me questions, and because when I searched up what others were saying I saw that a lot of it was sensationalism.
Most of what I share is not new. In fact, read or listen to some of my previous content and you will see I have encouraged a strong password policy, 2fa, and not to click on links numerous times. Yet, there are a few things you should prepare yourself for.
Have a listen and leave a comment.
Transcript of Ep 3: Ukraine Cyberwar is very real. Do you need to worry?
People are the weakest link in any cybersecurity plan. We’re distracted, exhausted, and often unmotivated. It’s time to change the approach used to protect our businesses, technology, identity and data, the human element has to be front and center in the war against data breaches and ransomware attacks, it’s time to educate.
Welcome to the Human Element podcast. Visit our website at thehumanelement.net for more content to help you strengthen your awareness of the people problem in cybersecurity. I am Scott Gombar, owner of Nwaj Tech, a client-focused, security-minded proactive IT service provider.
Hey everyone, Scott Gombar here, episode number three. And this isn’t really an episode I want to do. But I feel like I need to do it. And so last week, I did send an email out to all of my clients to help them identify what they need to be aware of. This week, I’m recording this podcast, as it looks like the war between Russia and Ukraine will continue on, and they’re announcing for months or years. I really hope it doesn’t. And it’s really sad to see that the entire world is telling Russia to back off, and this one man is just not listening. But this is not a political podcast. So I’m going to back away from the political component. And we’re going to start episode three: Russia, Ukraine, cyberwar is very real. But do you need to worry?
So I saw a number of news articles, blog posts, just all kinds of things that discuss how to protect yourself during this war because of the potential of a cyber attack. So let’s start off by addressing, and I have been asked as well, which is why I sent the email last week, but even since then, I’ve been asked a few times again, how do I prepare myself for the potential of a cyber attack during this war? And we all know a lot of these advanced persistent threat groups exist in Russia, these hacking groups, so they exist in Russia. I believe I saw somewhere that Ukraine was able to shut down Conti, which is one of the groups in Russia. But there are others and, of course, there are nation-state-backed groups in Russia that won’t ever admit to that, but they’re there. We know most of the cyber attacks that occur, a lot of them come out of Russia. It’s not the only country, and there are other players in the game.
And then there are some rogue cyber attack groups as well, that don’t have nation-states behind them. So it does happen, and I’m not going to say it won’t happen, or that, you know, you’re too small, because I don’t believe anybody’s too small to be the victim of a cybercrime. It happens all the time to small business owners. And usually, when it happens to a small business owner, they usually end up going out of business within six months. So the threat is very real.
However, with this war, the Russian advanced persistent threat groups, and the hacker groups and or, you know, whatever you want to call them, the cyber attackers, they’re not really interested in the little guys. They’re interested in critical infrastructure, enterprise-type businesses like Microsoft or, you know, SolarWinds, for whatever that’s worth at this point, Apple, things like that. Those are the companies that they’re interested in. They’re interested in federal agencies, things that are high level that could do the most amount of damage and potentially draw other countries into this. I know that, in a way, most countries around the world are already in it, in a sense. Most countries don’t have anybody else on the ground, but we’re sanctioning Russia and basically putting them in a chokehold, providing weapons to Ukraine. Again, this isn’t a political doing and this isn’t a history lesson. But, you know, most of the countries around the world are doing these things. So Russian hackers, Russian cyber attackers are going to target those they feel are inflicting the see all of these things on their country by order of Putin. That, again, is not to say that there isn’t a chance that you could be attacked. I don’t want to minimize that threat, because it’s always a threat. And it doesn’t have to come from Russia. It could come from anywhere in the world. It could come from Iran, North Korea, it could come from your next-door neighbor.
So don’t minimize the fact that you could be attacked.
And that there are things you can do to mitigate that risk. And so that’s the purpose of this podcast, really, to say, yes, the threat exists; you’re not likely to be the target of this war, at least not yet. That could change soon. Who knows. But I don’t think the average small business owner or the average person has anything to worry about in regards to the Russian Ukraine cyberwar. And so I see some news sites and blog sites sensationalizing it, saying, you know, here’s what you need to do to protect identity. And, you know, this is a very real threat, and the threat existed before, the threat will exist after, the threat will exist the whole time during. And there are some things they may target us as individuals and small business owners are not going to get to that. But as far as Russia and their cyber attackers are concerned, then we’re not to target critical infrastructure as a target. And in that sense, we are the target, the federal agencies, the enterprise businesses, again, Microsoft, Apple, VMware, those kinds of companies. I’m sure Tesla’s a target at this point since he sent over the Starlink to Ukraine. But we are not targets. The small business owners to the people that listen to this podcast are not the targets. That’s not to say we shouldn’t be concerned.
So I put together a list of things that I think will help you put your mind at ease, will help you protect yourself, not just from threats from Russia, but from anywhere, again, your next-door neighbor, the 16-year-old kid who’s learning how to program and hack. These are the kinds of things that he might do. So let’s just go through the list. Let’s discuss them.
So the first one, and probably the most important one, is to remain vigilant. If you are always aware of what’s going on, and aware of the potential threats, and address them as they’re needed, and some of those we’re going to talk about, over the next hour, I don’t know how many things I have here, but quite a few.
And again, some of these aren’t going to be that important as it relates to Russia; they’re important, but not as it relates to Russia. But if you’re always aware of your surroundings, you’re always aware of the potential of an attack, you’re always aware, I shouldn’t click on that email link or I shouldn’t connect to this public Wi-Fi hotspot or whatever it is. And you’re aware of the current threat landscape. So yes, as you may or may not be aware, during the pandemic, COVID-19 websites with false information popped up all over the place trying to collect information from unsuspecting people. That’s probably dying down at this point. But now I’m sure there are tons of websites popping up regarding the Ukrainian war. And I’m going to get to that shortly about the websites, but if you’re aware that this is a very real threat, then you will know what to look for and how to avoid it.
So that’s the first thing, and we have a tendency to let our guards down. And you’ll hear me talk about this a lot. But on Friday afternoon or right before a long weekend. So you know, I think the next long weekend for some of us is going to be Easter weekend. Or, you know, St. Patrick’s Day is coming up. So maybe we take the day before off or the day after off. We make it a long weekend. I don’t know what day of the week it is. I think it’s actually a Thursday this year. So maybe we take Friday off and make it a long weekend. March Madness is coming up. So these things tend to distract us. And when they do, we tend to let our guard down, and when we let our guard down, things happen. You have to remain vigilant, and that is what I’m going to say for every potential attack, every social engineering attack: remain vigilant. And keep yourself abreast of what’s going on. Keep yourself educated in what are the potential threats.
Go to reputable sources. Come back here, thehumanelement.net, or go to my company’s website, nwajtech.com, N W A J tech dot com.
The second one, and I will say this until I’m blue in the face: be wary of emails or texts asking for donations. Everybody’s going to start asking for donations if they haven’t already. Now, I know of some legitimate sources for donations to Ukraine to help out in Ukraine. They need food, they need supplies. I think they may be running out of oil and gas, I’m not sure.
You know, I don’t know what’s going on over there. They need clothes, I’m sure. Just the bare necessities at this point. It’s a very dire situation. I believe they’re saying people are crossing over to Poland, Hungary, and Romania in the millions at this point. And so those countries are going to need some support. And they’re going to need some donations. And it’s a very sad situation. But it’s also one where people take advantage of it. So when you want to donate, and I 100% agree, donate, help out any way you can. Make sure who you’re donating to is reputable. Do your due diligence and check on them. There is a great website, Charitynavigator.org. I wouldn’t just rely on that because some smaller nonprofits tend not to be on there. But that is a great resource. Ask around, make some phone calls, check on the legitimacy of that group seeking donations. It’s not necessarily a nonprofit, always, but check on the legitimacy of it.
Never click on unsolicited links or download unsolicited attachments. This is standard operating procedure; you should not do this ever. But now more so than ever, especially, again, if it has anything to do with the war. So I’m not gonna spend a lot of time on that.
Does the grammar look like it was translated using an online translator? I reviewed a couple of phishing emails on my company’s website, nwajtech.com. As of this recording, it’s the most recent video. So every week we do a phishing review video. So again, more educational stuff, but to have the emails, the way the grammar is in the email, it looks like somebody took another language, put it into Google Translate, and clicked translate into English. It’s just how it comes across. It’s how it looks to me. If the grammar is not great, and it looks like it may have been translated, like some words just don’t make sense, then the email probably wasn’t written in English; it was probably written in another language and translated using an online translator.
If it looks that way, I wouldn’t reply to it, I wouldn’t click on anything in it. Immediately delete. If the email comes from John Smith, but the email address is, you know, a different name, delete it, is another tip.
Visit sites that are reputable. Phishing sites are launched all the time. So during the pandemic, again, as I mentioned earlier, we had COVID-19 pandemic sites all over the place. And I would say the vast majority of them were phishing sites trying to collect information from people, maybe even collecting money or something else. Most of them were fake. There is software out there that helps recognize those sites and blocks them, you know, like DNS filtering. And then, you know, it’ll automatically block sites that are new, I think registered within six months or something like that, you could change those settings, or sites that purport to be something they’re not. You can also block sites based on their content, and so forth. If you visit a site, and you’re not sure if it’s reputable, you can go to who.is. Put the website address in the search in there and just look to see when it was registered. If it was registered recently, then chances are it’s not legitimate, and you should avoid it. This is what they do. Whenever there’s a big news item, mainstream media news that’s constantly running 24/7, they’ll launch websites to try to get information from you. And some of those websites might be asking for donations even though they’re not real.
Crypto transactions should only take place on trusted platforms like Coinbase. If you’re not familiar with crypto, don’t start a new career in crypto and expect that you’re going to know where to go. You should use Coinbase in the US. I’m not sure if there’s anybody else at this point that’s doing it in the US. And if you’re not familiar with crypto, then just stay away from it. And if you do get hit with a ransomware attack, they always ask for a payment in crypto, usually Bitcoin. Don’t pay. Do not pay unless you have no other options. If you can restore from a backup or recover somehow, do not pay.
If you get robocalls or calls that have a long pause before someone talks, we’ve all gotten these calls, right? You pick up, you answer the phone, you say hello. And there’s like a five or six-second silence in your boob, or room some sound like that. Hang up, just hang up, because it’s a robocall. It’s an autodialer, and 99% of the time those calls are not legitimate. Just hang up. And so I have read where there is the potential for voice phishing calls. Phishing we talked about in a previous podcast episode; go back and listen to that. The success rate of a phishing campaign that also uses voice phishing, or vishing, is much higher than one that uses one or the other by itself. Robocalls, hang up. Calls where there’s that long silence when you pick up, hang up.
Use strong passwords, 2FA, MFA. I have beaten this to death. I’m not going to expand on it in this episode. But you should have strong, complex passwords that are not reused anywhere else. So you should not have the same password for your bank, for your email, for your Facebook account. They should all be different. And it shouldn’t be one you’ve used before. Go check to see if you’ve ever been compromised before. You can do that on our website, nwajtech.com; top right menu option, I think it says free tools, and just go there. And you could check to see if you’ve ever been involved in a breach and what information was breached.
Avoid public hotspots. Don’t go to Starbucks, or the airport, or somewhere else, or, what’s the other one? I think Starbucks is the big one. It’s really easy for me to show up with just my cell phone and a laptop, sit down, turn on my cell phone public hotspot, name it Starbucks Wi-Fi, let you connect to it, and I’m on my laptop and steal your information from your laptop. It’s not hard to do at all. It happens all the time. Don’t use public hotspots. Almost everybody now has a smartphone.
Your smartphone has the ability to act as a hotspot. Use that hotspot, and don’t allow anybody else to connect to it.
Ensure all software is up to date, especially anti-malware software. Again, we’ve beaten that to death. We talked about it in episode two. And I’m sure we’ll talk about it again. So I’m not gonna spend any time on it here. But make sure everything is up to date, because when they attack, they will attack those vulnerabilities first.
Periodically check your credit report and financial accounts just to make sure it’s all up to snuff.
Be prepared for attacks on critical infrastructure. So this one is the one I think we should be the wariest of. It has been a threat for years now. It has not happened on a large scale in the US. But that’s not to say it won’t or that it couldn’t or that we’re not a target. No, I did read some say they don’t believe the US is a target for this type of attack. I would say we are. And I would say critical infrastructure is things like water supply, electrical grid, things like that. Maybe communications, cable companies. Cable companies have been attacked before, but not enough to where everybody’s without service for a long period of time. In order to combat that, have nonperishables on hand, so if the electricity does go out for an extended period of time, you still have food. Have water on hand, batteries, etc., and, you know, flashlights, things like that, candles, all the stuff that you would normally have on hand in the event a hurricane or blizzard was approaching. You want to keep these things on hand so that you still have a way to function. You know, you could have propane for your grill, anything to allow you to cook, drink water, clean water, and survive during an extended power outage or something along those lines.
So I hope this helps someone rest easy. I don’t think any individual or small business owner has anything to worry about from this war particularly, unless, you know, your work, you know, for me, maybe because I work in cybersecurity, but for most of us, probably not even me, I don’t think I would be a target. But I do think there will be some cyber attacks on critical infrastructure, on federal agencies, on enterprise-type businesses. If you think about it, if somehow Russia was able to take down Microsoft, for example, and stop Microsoft 365 Hartono, how many millions of emails would not be sent or received, and that could do a lot of damage? That’s out of your hands, though; that would be up to Microsoft to handle that. You know, if Apple somehow was attacked, and suddenly your iPhone doesn’t work, millions upon millions of maybe not, maybe billions, I don’t know, suddenly can’t use their iPhones. It’s out of your hands. There’s nothing you could do about it. Probably a good case to keep the landlines still, even though that’s getting harder and harder to do these days.
So not to be the doom and gloom guy. I don’t want to be that guy. And again, I don’t think you have to worry any more than you normally would. You should always be concerned about these things anyway, for the most part. But I don’t think Russia is going to attack Mom and Pop’s grocery store in the corner of Main and West Main. I just don’t think that’s going to happen. So until the next episode, remain vigilant.