Heightened threat activity as global conflicts surge – How to reduce your cyber risks
Today, 43% of cyber attacks involve web applications. As global tensions continue to rise, threat actors have targeted businesses and governments online around the world. Denial-of-Service (DoS) attacks have taken down national defence ministry and military websites. Similar attacks were also deployed against PrivatBank and Oschadbank, two large banks in Ukraine. Although security experts have not yet confirmed that a single entity was behind these attacks, it's understood that state actors are likely responsible.
What is the threat?
Denial-of-Service attacks occur when an attacker successfully puts a service, website, or device into a state where it is unusable.
Today’s distributed denial-of-service (DDoS) attacks not only interrupt the availability of websites and applications, but also serve to distract security teams from even greater threats. Attackers combine a variety of attack types—including volumetric floods, stealthy application-targeted strikes, and role/authentication-type strategies—in the hope of discovering vulnerabilities in an organisation’s defence.
Recently, these attacks were deployed against the aforementioned banks’ websites by flooding them with traffic to the point that they became unresponsive and ultimately crashed. This makes the websites unusable, which directly impacts all internal banking operations and all of the banks’ customers.
Why is it noteworthy?
Whenever one nation launches a cyber-attack against another, it increases cyber risk not only for the nations involved but also globally. While the attacks reported were not sophisticated or difficult to mitigate, threat actors have previously used such attacks as a diversion while laying the groundwork for a more sophisticated and potentially more damaging attack. As a result, organisations should remain vigilant and pay close attention to the news cycle, especially since state-sponsored actors are thought to be responsible for the devastating SolarWinds and Colonial Pipeline attacks of 2020 and 2021.
What are the recommendations?
We recommend keeping an eye out for any news pertaining to this situation, particularly about the types of attacks that might be launched. If vulnerabilities are exposed in a product used in your organisation, be sure to apply updates so that it is patched. Additionally, keep an eye on any suspicious traffic that may be coming to your organisation from outside of the country. Organisations should also follow NCSC advice and act on improving their resilience while the cyber threat is heightened.
For comprehensive protection, our WAF as a Service (Web Application Firewall) provides always-on DDoS protection that identifies and mitigates attacks. It ensures that attackers are stopped before traffic can begin to bombard your network.