Russian cyberattacks: our tips to protect you

It’s not that we really want to add another layer to the already anxiety-provoking climate born of the war in Ukraine, but today we are faced with a geopolitical situation that had a hard time blowing a wind of optimism over the days and weeks to come. When we learn that the Russian army is attacking nuclear power plants, we tend to expect the worst and hope to be surprised by the best. In any case, we are in a period where “Everything is possible” and preparation is essential. This is why we have decided to talk to you today about what you can do to protect yourself from cyberattacks.

cyberattack at tac

It should be known that the pirates have already begun their work of undermining. Tens of thousands of subscribers to the operators Nordnet, Eusanet and Bigblu have been deprived of the Internet in France since February 24. This would happen after a breakdown of the KA-SAT satellite owned by Viasat. According to the American company, she would have been caused by a cyberattack by Russian services. Its appearance on the very day that the offensive of Vladimir Putin’s troops began is indeed something to question, so disturbing is this timing. Never mind, let’s get ready for what’s next!

Guillaume Poupard, director of the National Information Systems Security Agency (ANSSI), gives us 5 tips to protect yourself upstream. While these recommendations are primarily aimed at companies, they can also be followed by individuals.

Reinforce authentication on information systems

It is important here to really shield access to the most exposed accounts (administrators, executives, managers, etc.) so that hackers do not have easy access to the most critical and important data. ANSSI recommends authentication requiring 2 factors (2FA) as “ a password, unlock pattern or signature ” and ” a material medium (smart card, USB token, magnetic card, RFID) or at least another code received by another channel (SMS) “.

Increase security oversight

For security, a concerned individual looks at his bank account several times a week to be sure that his card has not been hacked. For companies, it is advisable to implement a daily event monitoring system in order to ” detect a possible compromise and react as soon as possible “. Rapid discovery of anomalies, such as unexpected connections, will in fact make it possible to minimize the damage.

Backup critical data and applications offline

There is a lot of talk lately about the cloud, which is very practical for centralizing the availability of information. Alas, it also allows easy access to data if it is not secure enough. So don’t forget to make offline backups of the information system through cold storage solutions. Whether external hard drives or even magnetic tapes, these means allow you to ” protect backups from system infection and retain critical data for disaster recovery “.

Interview with a Russian hacker who gives details of the cyberattack operation against Ukraine:
– Massive DDoS on government sites
– takeover of military cameras
– fake bomb threats

“This is just the beginning”.https://t.co/i1yTbwjy3J

—Guardia Cybersecurity School (@Guardia_School) February 25, 2022

Establish a prioritized list of the entity’s critical digital services

ANSSI recommends as soon as possible to carry out an inventory of their organization’s digital services so as not to be caught off guard in the event of an attack. List them by type of sensitivity and identify dependencies on external providers. You will thus have an alternative solution ready in reaction to any problem.

Ensure the existence of a crisis management system adapted to a cyberattack

In the same perspective of gaining responsiveness in the event of hacking, companies must prepare for it well in advance. They are therefore invited to determine emergency contacts and to establish a response plan adapted to the management of cyberattacks. It is indeed possible that, for example, the telephony or messaging functions are targeted and put out of use. The goal here is therefore to be able to continue your activity despite the intrusions.

A little reading before the end of the world

To take the lead, Guillaume Poupard reminds you of the availability of several documents to read to help you in your efforts to secure your network: