Conflict closer than we think

Boards need to be prepared for cybersecurity threats resulting from the Russia Ukraine war.

type
Article
author
By Institute of Directors
date
25 Feb 2022
read time
1 min to read
Array of red alert lights against black wall

The National Cyber Security Centre (NCSC) has issued an advisory encouraging New Zealand’s nationally significant organisations to consider and strengthen their cyber security readiness in response to the conflict between Russia and Ukraine.

According to analysts from Kordia’s Cyber Security division, despite our geographic isolation New Zealand is not immune to global cyber threats.

“The digital risk associated with the conflict could have implications for countries like ours. This could look like cyber-attacks on Ukrainian targets, which subsequently spill over onto global networks, or attacks on supply chains, that could disrupt any businesses that have touchpoints with Ukraine. Similarly, if countries who support Ukraine’s sovereignty implement sanctions on Russia, there is a risk of retaliatory cyber-attacks and related market disruptions.

There is a precedent for such events – in 2017, the NotPetya exploit, which was initially leveraged at Ukrainian targets, spread to other businesses around the world creating mass disruption. Global companies such as Maersk, Mondelez and DHL had their systems compromised, and estimates place the damages caused by NotPetya in the vicinity of $10billion USD.“

With the escalation of the conflict over the past few days, the NCSC recommends “nationally significant organisations consider their security posture, exercise readiness, and monitor for relevant cybersecurity developments”.

More detail on the historical use of state-sponsored cyber-attacks, including known vulnerabilities which have been previously exploited can be found on the US Cybersecurity and Infrastructure Security Agency (CISA) website.

CISA recommend organisations undertake the following steps to help them “improve their functional resilience by reducing the risk of compromise or severe business degradation:

Be prepared. Confirm reporting processes and minimize personnel gaps in IT/OT [operational technology] security coverage. Create, maintain, and exercise a cyber-incident response plan, resilience plan, and continuity of operations plan so that critical functions and operations can be kept running if technology systems are disrupted or need to be taken offline.

Enhance your organisation’s cyber posture. Follow best practices for identity and access management, protective controls and architecture, and vulnerability and configuration management.

Increase organisational vigilance. Stay current on reporting on this threat.”

See more on the NCSC’s General Security Advisory: Understanding and preparing for cyber threats relating to tensions between Russia and Ukraine

Resources and readings