Staying Vigilant in a Global Cyber Conflict



Any state-sponsored Russian assaults aimed at supporting Russia’s invasion of Ukraine or retaliating for US, NATO, or other foreign measures taken in reaction to Russia’s invasion of Ukraine are more likely to be destructive or disruptive in character than aimed at stealing data.

This blog addresses the many sorts of attacks that businesses may face and suggests ways to mitigate or remediate them. 


Among the most alarming scenarios is the possibility of a damaging malware assault on the United States, NATO allies, or other foreign governments. This could be a direct assault or the result of a spillover from an attack on Ukraine, such as the 2017 NotPetya operation, which targeted Ukraine and spread to other regions of the world. 

The ideal malware protection is to prevent infection in the first place, which means keeping assets up to date and employing effective access restrictions, like multi-factor authentication. It's important to have an incident response strategy in place for the worst-case incident, as well as a business continuity plan.

Phishing Campaigns 

Russian state-sponsored attackers are also well-known for spear-phishing attempts, and it is common to find phishing attacks that link to fake websites posing as news, charity organisations, or other seemingly relevant information.  

Stay alert and avoid clicking on strange links or opening unexpected attachments. Defenders should implement strong spam filtering and attachment scanning. Educating employees about the hazards of phishing and running simulated phishing campaigns on a regular basis would also help reduce this risk.


Ransomware might be used to disrupt overseas targets as well. The 2021 ransomware assault on the Colonial Pipeline in the US was believed to be the result of criminals based in Russia. Opportunistic attackers searching for ransoms will still be on the hunt and will most likely take advantage of the confusion. 

To achieve resilience, defenders should analyse asset and application settings and evaluate their incident response processes for the event of a ransomware attack.

How else can you prevent attacks? 

  • Backup data on a frequent and regular basis 
  • Monitor cybersecurity measures continuously 
  • Create an incident response plan 
  • Conduct a vulnerability assessment 
  • Increase cyber awareness 
  • Incorporate cyber expertise into the board 
Ahmed Khanji


Ahmed Khanji is the CEO of Gridware, a leading cybersecurity consultancy based in Sydney, Australia. An emerging thought leader in cybersecurity, Ahmed is an Adjunct Professor at Western Sydney University and regularly contributes to cybersecurity conversations in Australia. As well as his extensive background as a security advisor to large Australian enterprises, he is a regular keynote speaker and guest lecturer on offensive cybersecurity topics and blockchain.

