The ongoing Russian invasion of Ukraine has led to a sharp rise in cyber-attacks.

While many of the attacks are between these two countries and no specific threats to US-based companies have been recorded, there is genuine potential for businesses of any size to fall victim to the byproduct of these cyber-attacks. Global network scanning activity and cybercrime out of Russia and Eastern Ukraine are up by 300%, resulting in legitimate fears that innocent businesses will become collateral damage in this (cyber) war.

President Joe Biden’s declared that the government and its agencies have been improving national cyber security defenses for some time now. Federal efforts are mainly focused on the national infrastructure to make sure that water, electricity, and pipeline services aren’t at increased risk of attacks.

Last week, the White House issued a statement calling upon SMBs of all sizes to proactively upgrade their cybersecurity. 2FA, data backup, encryption, and employee training are high on the list of suggested steps.

Here are the action steps the White House and FBI advise you to take right now to protect your business:

  • Most importantly you need to free up money in your budget to implement multi-factor authentication. 2FA is a crucial first step in protecting your data from outside interference. It protects your accounts by forcing users to present multiple pieces of evidence – your credentials – that verify your identity before login or other transactions can occur. It combines something you know, like a password, with something you have, such as a mobile phone, increasing the likelihood that a person is who they say they are before being able to access (cloud-based) applications and data.
  • Data backups should be checked on a regular basis. Ideally, there should be a copy of your data offsite that cannot be accessed and/or changed during a cyber-attack. Having up-to-date data backups of all your critical information protects you from having to pay ransomware extortion money, prevents prolonged downtime, and is crucial during event recovery.
  • All data should be encrypted, both in rest and in transfer, meaning it would have no value and be unusable if anyone without a decryption key managed to access it.
  • Make sure you have an emergency plan ready to go that will help you to respond to any attack quickly and effectively.
  • Businesses are also being advised to provide their staff with ongoing cyber security awareness training to help them spot and avoid the common tactics used by cybercriminals. These include phishing attacks where hackers send an email pretending to be someone else. And spoof login web pages, where they hope you will enter real login details in error.
  • If you have an IT support partner already, speak with them to make sure all of your systems are fully up-to-date and patched as necessary.
  • They can also help you to audit how well you’re performing with the items above, and get a plan in place to help you respond to an attack or attempted attack.

If you don’t have an IT support partner – or you feel your current one isn’t able to help you with your data security, call us. Meeting Tree computer is a leading provider of cyber security and IT services in Orange County, NY. We can be reached at (845) 237-2117. Let us be your point of contact for all questions concerning the security of your business.