The Ukrainian Internet service provider Ukrtelecom, used by the country’s military, has suffered from a major cyberattack. The services were brough down at a critical juncture in the war and suspicion is directed towards the Russian state, according to BBC News.
Looking into the events surrounding the crippling Ukrtelecom attack, for Digital Journal, is cybersecurity evangelist Alon Nachmany, Field CISO of AppViewX.
Nachmany’s concern is with latest criminal activity and what U.S. based organizations should do to improve their cybersecurity posture.
Nachmany begins by looking at the use of cyberattacks by the Russian state, noting: “The cyberattack on Ukrtelecom is one of the most harmful and terrifying attacks we’ve seen since Russia’s invasion of Ukraine on February 24th.”
The insidious nature of the attack is highlighted by the reliance that the Ukrainian people have on communications during the time of warfare. Nachmany observes: “Not only do civilians who are still in Ukraine rely on the Internet to communicate with non-government organizations (NGOs) – for rescue and fleeing the country, for example – they also need it to communicate with their families and friends. Simply put, this attack is the cyber equivalent of bombing civilian’s residence.”
Nachmany continues his narrative, sending out a warning to other nations that are supporting Ukraine in its defence. Here Nachmany cautions: “The attack is clearly meant to warn the U.S. and European nations about getting further involved in this war. If the U.S. continues to enforce sanctions on Russia or even deploys boots on the ground, for example, what will stop the same hackers going after our communication networks and other critical infrastructure?”
Focusing on the U.S., Nachmany says: “U.S. telecommunications companies and carriers – such as, AT&T, Comcast, Comcast and Verizon – attempt to secure our communications and we tend to rely on them to ensure that everything is safe. However, what many don’t realize is how much one carrier relies on another carrier.”
This issue relates to the outmoded system of telecommunications. Nachmany continues: “It’s very concerning, especially in a world where we seek to have true redundancy and diverse pathing. If one carrier becomes a victim of a cyberattack, the ripple effect it has on another carrier is tremendous.”
There are measures that telecommunications firms can take. Nachmany advises: “Looking ahead, organizations need to step up their security postures right away. With nearly half of today’s organizations experiencing one or more security incidents due to mismanagement of digital certificates – the backbone to enterprise security”
He adds: “It’s critical for organizations from both the private and public sectors to stop wasting any time. As the war drags into its second month, it’s only a matter of time that we’ll see more dangerous digital weapons. Adopting a Zero Trust strategy bolstered by automation is the only cost-effective and viable way forward.”
