There’s very little doubt left as to whether Russia has been hacking into large organizations in the United States, including democratic institutions, businesses and public infrastructure. No computer’s safe from harm, regardless of internet connectivity. In some cases, flash drives and other external data sources infect systems that are deliberately off the grid. Russian hackers have been using multiple vectors of attack to penetrate cyber defenses, causing billions of dollars of losses to enterprise and public institutions. Organizations of all sizes must protect themselves through constant vigilance, external assessments and fundamental security checks such as two-factor authentication.
While it’s impossible to attribute exact figures to specific cyber criminals, recent revelations from the FBI have confirmed what many claimed during the 2016 election campaign — specifically, that Russia had managed to hack DNC servers, compromising the digital infrastructure one of the biggest democratic organizations. Other targets have emerged from operation “Grizzly Steppe,” including Russian malware found in at least one American utility company, the Burlington Electric Department located in Vermont.
Estimates from the Wall Street Journal suggest that cyber crime cost the United States upwards of $100 billion in 2015. This number’s considered conservative, with some experts implying costs reaching $1 trillion. Lloyd’s estimate for cyber crime damages in 2015 was $400 billion. In 2019, Juniper Research states, data theft will cost companies $2.1 trillion, partially because of the increased digitization of consumer data. These numbers represent staggering losses, draining a considerable amount of productivity from the efforts of enterprise. Based on these estimates alone, organizations need to invest in cyber security measures that mitigate digital risks.
The recent wave of Russian cyber attacks tend to start simply before descending into chaos. Intrusion typically begins with spear-phishing, involving fraudulent email that leads the user to believe they must supply passwords and other credentials needed to access the system. Once this sensitive information has been revealed to hackers, they begin to steal confidential documents and attempt to compromise private information from other email accounts. During this time, hackers may also upload malware into the system, which helps cyber criminals keep tabs on the entire network, including efforts to repel attackers.
Business enterprises and other large organizations need to implement two-factor authentication as soon as possible to prevent easy spear-fishing attacks. This enables the transmission of a secure code to a mobile number or another digital device, ensuring that the user seeking access isn’t doing so under false pretenses.
Mistakes happen, which makes continuous monitoring of your network a top priority. During the first crucial moments of a cyber intrusion, early detection can help to reduce overall damages. Counter-intrusion methods may be deployed, and vital data may be protected from theft or destruction.
Maintaining a vigilant cyber security profile helps to eliminate threats and risks before hackers find them, including potential vectors for phishing and malware attacks. Conducting network vulnerability assessments and cyber threat assessments through an external vendor reinforces your organization against the type of attacks currently utilized by Russian hackers.
Russia’s use of cyber attacks around the world focus on compromising private and public institutions to benefit interests vital to President Vladimir Putin. The U.S. government’s response appears to have been slow in this matter, which means that businesses and institutions need to rely on their own efforts to defend against Russian cyber criminals.
Enterprise and large organizations that respond lackadaisically to cyber threats risk large financial losses and the potential of legal liability. As a managed security company, ExterNetworks believes periodic vulnerability assessments and constant network monitoring defends against malicious attacks. Rapid detection of rogue devices and suspicious activity prevents the escalation of digital crime.
Get the latest content from our NOC Services Blog.