Against the background of the war in Ukraine, many companies are already seeing signs of increased cyberattacks. Small and medium-sized enterprises should therefore quickly take specific precautionary measures.
Cyberattacks by criminal hackers on individuals, state authorities, organizations or companies are taking place on a daily basis. These generally involve the theft of data or extortion. However, Russia’s invasion of Ukraine shows that such attacks—controlled by the state—have completely different goals. A key component of “hybrid warfare” is knocking out IT infrastructure in order to destabilize the target country or limit its capacity for military action.
Worries are mounting in Germany as well. Back in February, the Federal Office for Information Security (BSI) warned that cyberattacks on Ukraine could also have a knock-on effect on connected computers in other countries. Putin is also threatening far-reaching retaliatory action due to the EU sanctions. And it is no secret that Russia and groups associated with government agencies have the ability to carry these out via the Internet. In light of the dynamic developments surrounding the war against Ukraine, companies should therefore take these risks seriously and reinforce their own cyber-resilience.
According to a survey by Germany’s digital association, Bitkom, two thirds of the companies surveyed already assume that the threat of cyberattacks will get worse. A further 17 percent are already seeing specific signs of this. And one in three companies has already raised its IT protective measures at short notice because of this.
Small and medium-sized companies in particular should follow this example and quickly implement the preparations and precautionary measures recommended by Bitkom:
Bring operating systems and software up to date and install security updates. Choose secure passwords—ones that are complex and different for each system. Protect as many log-ins with external connections as possible using multi-factor authentication. Limit privileges and administrator rights for individual users and minimize the overall complexity of the services used. Check the company’s own back-up strategy and reinforce it so that all the relevant data is secured as well as backed up offline on an external storage medium.
Clearly define responsibilities where security is concerned and set up corresponding points of contact—both internally and with external service providers. Ensure that enough staff are fit to work at any given time. Guarantee the ability to act at short notice even without external help: in the event of large-scale cyberattacks, external service providers could reach the limits of their capacity.
Individuals remain one of the biggest security risks, but they are also the guarantors of a company’s protection. Therefore: Make all employees aware of the increased risk of cyberattacks in a way that is tailored to each target group. Clearly explain the potential dangers and provide step-by-step instructions on how to act in the event of an attack. Hold security training sessions at short notice if necessary. Especially where e-mail communication is concerned, do not hastily open hyperlinks and attachments, and be skeptical of instructions.
In addition to the technical steps to be initiated, the emergency plan should also comprise organizational elements such as contact data for relevant contact persons in the company and emergency contacts of official points of contact. Legal aspects such as the obligation to report breaches of data security should also be taken into account. In addition, it should address short-notice crisis communication with customers, partners and the public.
Follow announcements from the authorities such as the Federal Office for Information Security (BSI) and the Alliance for Cybersecurity (ACS).