As the conflict between Russia and Ukraine continues, the United States Government is warning American companies to be vigilant about cybersecurity and to protect themselves against malicious cyberattacks. In a statement on March 22, 2022, FBI Director Christopher Wray said they are “concerned” with the possibility of Russian cyberattacks against critical U.S. infrastructure in the wake of Russia’s war with Ukraine.
“The reason we’re concerned about it is not just based on our longstanding understanding of how the Russians operate, but it’s actually the product of specific investigative work and surveillance work that we’ve been doing all together,” Wray told an audience at the Detroit Economic Club.
The United States Congress recently passed legislation that has since been signed into law that mandates critical infrastructure sectors to report cyber security incidents, involving but not limited to, phishing attacks, malware, and ransomware, to the federal government.
What is Phishing?
Phishing is the fraudulent practice of sending emails or text messages appearing to be from reputable companies or trusted individuals to get recipients to reveal personal information such as passwords and credit card numbers. Phishing attempts are usually urgent-sounding, legitimate-looking emails or texts designed to trick you into disclosing personal information or installing a virus on your device. These scams can be sent as attachments or links that, when opened or clicked, may trigger malicious activity, or take you to fake sites that resemble the real business websites. According to CISCO’s 2021 Cybersecurity Threat Trends report, roughly 90% of all cyber attacks start with a phishing email.
What is Malware?
Malware, or “malicious software,” is a catch-all term that describes any malicious program or code that is harmful to systems. Hostile, intrusive, and intentionally nasty, malware seeks to invade, damage, or disable computers, computer systems, networks, tablets, and mobile devices, often by taking partial control over a device’s operations.
What is Ransomware?
Ransomware is malware that employs encryption to hold a victim’s information at ransom. A user or organization’s critical data is encrypted so that they cannot access files, databases, or applications. A ransom is then demanded to provide access. According to cybersecurity company Emsisoft, ransomware attacks affected at least 948 government agencies, educational establishments, and healthcare providers in the United States in 2019, at a potential cost exceeding $7.5 billion. Ransomware attacks were up 92% last year, according to the 2022 Cyber Threat Report from SonicWall, a leading cybersecurity firm.
While it is important for small and large businesses to protect themselves and their data from foreign and domestic hackers, it is equally important for individuals to be just as cautious.
How can you protect yourself?
- Be suspicious of unexpected or unsolicited phone calls, emails, and texts asking you to send money or disclose personal information.
- Be cautious when receiving money movement instructions via email.
- Keep your technology up to date, as well as your firewalls and anti-virus software.
- Back up your data and ensure you have offline backups beyond the reach of malicious actors.
- Be strategic with your login credentials and passwords.
- Add two-step verification, which requires you to enter a unique security code each time you login to a website, mobile app, or access your financial accounts.