Latest news

THE SPANISH NATIONAL CRYPTOLOGY CENTER (CCN) RECOMMENDS INCREASING CYBERSECURITY MEASURES DUE TO THE CRISIS IN UKRAINE, HOW CAN THIS AFFECT MY COMPANY?

PREVIOUS CYBER ATTACKS, ALLEGEDLY FROM RUSSIA, HAVE LEFT IMPORTANT PUBLIC ADMINISTRATIONS, SUCH AS THE SEPE, TOWN HALLS AND UNIVERSITIES, OUT OF SERVICE. IT IS EXPECTED THAT WITH THE SEVERE ECONOMIC AND PERSONAL SANCTIONS ADOPTED BY THE WEST AGAINST RUSSIA AND ITS OLIGARCHS, CYBER ATTACKS WILL INCREASE SIGNIFICANTLY.

In recent days, different media have spread news where the recommendation that the CCN has spread to significantly increase cybersecurity measures in administrations and institutions is exposed, since it is very possible that attacks on these organizations will increase. .

Indeed, the severe economic measures that have been adopted as sanctions are expected to have a great impact on the Russian economy, and even the personal measures against certain oligarchs makes the possibility of "trying to strike back" with cyber attacks more than foreseeable. diverse type and intensity in the strategic sectors of all the countries that are in the western sector, especially those that belong to NATO.

In principle, it is quite clear that unusual sanctions are being applied to Russia (for example, expulsion from the SWIFT banking system), which will surely have a strong consequence on the economy and the competitiveness of its companies and banks. Therefore, it is practically certain that one of Russia's objectives will be to complicate the economy and administration of the NATO countries, and more so if it is in a "dark" way, hidden or more or less unpunished and in many cases with a high economic benefit for data ransoms or frauds such as the "man in the middle" that Western companies victims of cyber attacks will have to pay.

The recommendations, not yet known, reduce the effectiveness of prevention and response to possible cyber attacks:

1. Change the passwords of all the computers, replacing them with strong passwords.
2. Proper custody and management of passwords, avoiding their loss or theft.
3. Turn off equipment when not in use, especially servers on weekends, and other devices connected to the Internet.
4. Special attention to devices connected to the Internet such as industrial machinery, telemedicine, home automation, etc. (It is easier to attack our Smart TV or CCTV than a well configured and protected server.)
5. Properly monitor our devices at all times, detecting the activation of a logic bomb quickly and early.
6. Have the backups updated and with a physical copy disconnected (which contains data and environment to reproduce).
7. Never pay a ransom for our data. If we are victims of ransomware, never encourage this practice by paying ransoms.
8. If appropriate, file the corresponding complaint with the competent authorities for crimes of computer damage that may have been suffered.

In principle, these would be a non-exhaustive list but merely illustrative and by way of example, since each organization needs to adapt its security measures according to its needs, objectives and capabilities. As always, we remain at your disposal to help in the correct management of any cyber incident, be it minor or a major attack.
With the hope and sincere wish that everything ends as soon as possible and peace and harmony prevail between the parties, as always, we remain at your disposal for any questions or queries on this topic or any other that is yours.

We will keep you informed.
Greetings.
--
Jorge Ortega