On February 17, the Department of Justice urged companies – both US and foreign – to immediately strengthen their cybersecurity posture due to the increased risk in response to the Russian invasion of Ukraine.

At the Munich Cybersecurity Conference, Deputy Attorney General Lisa Monaco said, “Given the very high tensions we are experiencing, businesses of all sizes and sizes would be foolish not to prepare at this time. even, to increase their defenses, to do things like patching, to reinforce their alert systems, to monitor their cybersecurity in real time. They need to be, as we say, “protected” and really be on the highest possible alert level and taking all necessary precautions.

To preface her remarks, she referred to the NotPetya cyberattack in 2017 which targeted Ukraine but spread around the world, causing billions of dollars in damage. And earlier this week, the Department of Homeland Security (DHS) and the FBI warned state and local officials of the heightened risk that Russia could launch a cyber attack on the United States that could be timed simultaneously with an invasion of the United States. Ukraine.

Defense Prime and Subcontractors

On Wednesday, February 16, the FBI, CISA and NSA all warned defense contractors to be particularly vigilant against Russian cyberattacks, as they increasingly target the defense and intelligence sectors of the military. industry, including weapons, missile development and software development. In some past attacks, access to networks was gained through Microsoft 365. Hackers acquired network login credentials and then delivered malware to devices without the user’s knowledge. Other methods known to have been used by Russian state-sponsored hackers are:

• Phishing
• Collection of credentials
• Brute force/password spray

…in addition to methods of exploiting previously known vulnerabilities targeted at weak cybersecurity networks. Continued intrusion using these and other methods has resulted in access to sensitive unclassified information, as well as proprietary and export-controlled technology.

New Threat – QR Codes

Due to the pandemic, many businesses have implemented the use of QR codes as part of their contactless payment systems. However, as a warning to businesses using quick response (QR) codes, there have been reports of code tampering resulting in the theft of personal and financial information.

A recent example is in the city of San Antonio, TX. Police found fake QR codes on city parking meters which, when clicked using a smartphone, took the user to a fraudulent site to enter their payment details. This good example shows how hackers can target a simple, everyday and often seen as benign activity like paying for a parking meter to steal information. Cybersecurity threats are not only large in scale by only targeting large corporations and government agencies. Small businesses are often easier targets because their cyber defenses aren’t as robust as their larger sister networks. This may be especially true for small defense contractors.

In these times of heightened cybersecurity threats, in part due to the unstable geopolitical landscape, particularly in Ukraine, all of us – businesses and individuals – need to be especially vigilant about our online activities and take all necessary precautions to protect our professional and personal information.