Russia Invaded Ukraine. Here's Why Your Practice Should Be on High Alert.

Cyber warfare threats and business security preparedness

Last week, Russia launched a full-scale invasion of Ukraine. Alongside the military offensive, Russia has deployed significant cyber capabilities: wiper malware targeting Ukrainian government systems, DDoS attacks on banks and government websites, and disinformation campaigns across social media.

CISA (the Cybersecurity and Infrastructure Security Agency) has issued a "Shields Up" advisory, warning all US organizations to prepare for potential retaliatory cyberattacks. This isn't theoretical. It's an elevated threat that applies to every business, including yours.

Why Your Practice Is at Risk

Collateral Damage

NotPetya, a 2017 Russian cyberattack targeting Ukraine, spread globally and caused $10 billion in damages to companies that had nothing to do with the conflict, including Maersk, Merck, and FedEx. Cyber weapons don't respect borders. A wiper or worm targeting Ukrainian infrastructure could spread to US systems through shared networks, supply chains, or cloud services.

Retaliatory Attacks

As Western sanctions intensify, Russia may retaliate through cyberattacks against US critical infrastructure and businesses. Healthcare, financial services, and legal services are all potential targets.

Criminal Gangs Choose Sides

The Conti ransomware gang publicly declared support for Russia. Other criminal groups are aligning with various sides. This political dimension may increase or redirect criminal cyber activity against US targets.

CISA's "Shields Up" Recommendations

CISA is recommending all organizations take these steps immediately:

  1. Enable MFA on everything. Particularly remote access, email, and admin accounts.
  2. Deploy patches immediately. Known exploited vulnerabilities are the primary entry point. CISA maintains a catalog of actively exploited vulnerabilities at cisa.gov/known-exploited-vulnerabilities.
  3. Disable unnecessary ports and protocols. Reduce your attack surface.
  4. Ensure backups are tested and offline. If a wiper hits, backups are your only recovery path.
  5. Confirm incident response procedures. Know who to call. Know what to do first. Practice the plan.
  6. Maximize logging and monitoring. Enable detailed logging on all critical systems. Watch for unusual activity.
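
One way to act on step 2, shown as an added example that is not part of the original post or CISA's own tooling: cross-reference your vulnerability scanner's findings against the KEV catalog and patch the listed ones first. The catalog excerpt, CVE IDs, and host names below are constructed placeholders; the field names (`cveID`, `dateAdded`, `dueDate`) follow CISA's published JSON feed, whose due dates are remediation deadlines for federal agencies and are used here only as a priority signal.

```python
import json
from datetime import date

# Constructed excerpt in the shape of CISA's KEV JSON feed.
# The CVE IDs are placeholders, not real catalog entries.
KEV_SAMPLE = json.loads("""
{"vulnerabilities": [
  {"cveID": "CVE-0000-0001", "vendorProject": "ExampleVPN", "product": "Gateway",
   "dateAdded": "2022-01-10", "dueDate": "2022-01-24"},
  {"cveID": "CVE-0000-0002", "vendorProject": "ExampleMail", "product": "Server",
   "dateAdded": "2022-02-15", "dueDate": "2022-03-08"}
]}
""")

# Constructed scanner output: (host, CVE) pairs from a hypothetical scan export.
FINDINGS = [
    ("front-desk-pc", "CVE-0000-0003"),  # not in KEV: normal patch cycle
    ("vpn-gw", "cve-0000-0001 "),        # in KEV, messy formatting from the export
    ("mail01", "CVE-0000-0002"),         # in KEV
    ("vpn-gw", "CVE-0000-0001"),         # duplicate of the second row
]

def prioritize(findings, kev, today):
    """Return KEV-listed findings, overdue first, then by earliest due date."""
    due = {}
    for v in kev.get("vulnerabilities", []):
        try:
            due[v["cveID"].strip().upper()] = date.fromisoformat(v["dueDate"])
        except (KeyError, ValueError):
            continue  # skip malformed catalog rows rather than abort the run
    seen, rows = set(), []
    for host, cve in findings:
        key = (host, cve.strip().upper())
        if key in seen or key[1] not in due:
            continue  # drop duplicates and anything not known to be exploited
        seen.add(key)
        d = due[key[1]]
        rows.append({"host": host, "cve": key[1], "due": d, "overdue": d < today})
    return sorted(rows, key=lambda r: (not r["overdue"], r["due"]))

if __name__ == "__main__":
    for r in prioritize(FINDINGS, KEV_SAMPLE, date(2022, 3, 1)):
        state = "OVERDUE" if r["overdue"] else "due"
        print(f'{r["host"]:<14} {r["cve"]:<15} {state} {r["due"]}')
```

To use it against real data, replace `KEV_SAMPLE` with the JSON downloaded from the catalog page and `FINDINGS` with your scanner's export.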

For Dental, Medical, Legal, and Financial Practices

  • Healthcare: HHS has issued specific alerts about Russian cyber threats to the healthcare sector. Review and implement their recommendations.
  • Legal: Firms handling sanctions-related work, international trade, or government contracts face elevated targeting risk.
  • Financial: Banks and financial services are historically primary targets during geopolitical cyber conflicts.
  • All practices: Review your security posture against CISA's recommendations. Fix any gaps immediately.

We hope this conflict de-escalates. But hope isn't a security strategy. Prepare now.