Advice on the situation in Ukraine
Cyber security advice regarding the ongoing developments in Ukraine
We have noticed a rise in digital attacks related to the situation in Ukraine. Be prepared for the possible consequences for your organization in the case of such an attack. The nature of these attacks comes from a variety of intentions. We see direct damage, collateral damage, or the ‘spillover effect’ as result of a non-target specific attack.
What should you keep in mind?
Insight in your suppliers.
Make sure to have a clear view on your suppliers, service providers, etc. that might have connections with Ukraine and Russia. Asses what possible consequences there are for your own organization in relation to them regarding this subject.
Use reliable sources and implement a daily ‘factcheck’ regarding information being shared or used for (internal) follow-ups.
Inform your team about crisis management.
Share information regarding continuity and how to deal with crisis situations. Be prepared.
Be alert on digital attacks.
So far several (digital) attacks have occurred, mainly through malware with destructive purposes and targeted for locally involved parties and surroundings.
Research the technical possibilities of limiting traffic to and from suspicious domains. Be aware that on a geographical scale, attacks can come from everywhere. This makes it so that geo-blocking is not the only or even best solution for this issue.
Monitoring, logging, and checks.
Check your logging and monitoring data. Look for suspicious, unexpected, or unknown behaviour from traffic, applications, etc. Act accordingly through policies set by the law or your organization when you suspect something to be out of the ordinary.