Organisations around the world have already been warned to be on high alert for cyberattacks emanating from the Russia-Ukraine conflict – and now a leading technology services company says the worst could be yet to come.
The reality is that wars are not just fought on the ground, on the sea or in the air – but also in cyberspace, as evidenced by cyber-activity from both sides in the conflict, says Collin Penman, Security Practice Leader, Australia and New Zealand for technology services provider Kyndryl.
"This reality has forced governments, companies and organisations across the world, including Australia and New Zealand, to assess their vulnerabilities," Penman says, "and we are now hearing that things could escalate again."
Penman says Australian and New Zealand organisations need to pay close attention to geo-political tensions in Eastern Europe and ensure they are prepared from a cybersecurity and resiliency standpoint.
"The New Zealand government has shown its resolve to be prepared with the recent Budget," he says. "Signals intelligence agency the GCSB will get nearly $50 million more funding over four years, to help protect against the increasing frequency and severity of cyberattacks, while the 2020 Australian Budget provided a $1 billion boost for cyber-defence."
"So businesses should not adopt a mindset that New Zealand and Australia are too physically distanced to be impacted by what's happening globally.
"We live in a more digital world than ever before; cyberattacks have very much become a key weapon that can cause damage far and wide," he says. "Targeted attacks on Ukrainian government departments and financial institutions have already shown that critical infrastructure is seen as the 'Achilles heel' targeted by cyber criminals and should be protected at all costs."
A report from the BBC earlier this month quoted Rob Joyce, Director of Cyber Security at the US National Security Agency saying Russia had deployed eight or nine different viruses to wipe computer systems. The US, UK, EU and other nations have accused Russia of targeting a satellite communications provider used by the Ukrainian military, a hack which spilled over to affect other customers in Europe.
Joyce has warned that, as sanctions against Russia tighten, the response from Moscow could be to turn cyberattacks on Western companies and organisations: "Our worry is that it's a decision point. When that decision point happens, there certainly is capability to come after some of that (Western) infrastructure."
Joyce also warned of potential escalation from activist or "vigilante" hackers who have been targeting Russia in a show of support for Ukraine, aiming at Russian institutions and companies and publishing stolen information on the internet.
Penman says: "We've already witnessed the devastation that can occur when critical infrastructure is compromised, both overseas and here in New Zealand – the denial-of-service (DDoS) attack that brought the New Zealand Stock Exchange to a halt last year is a perfect example.
"The ransomware and distributed DDoS attacks that impacted hospitals across Australia last year also demonstrated just how high the stakes are when it comes to cybersecurity and mission-critical systems.
"It's not just a matter of EFTPOS machines being down for a few hours, or people being locked out of their work computers. These attacks can pose a huge risk to national security and the safety of civilians," he continued.
"But it's not just these organisations that need to be cyber prepared. Behind every utility company, hospital, bank, and so on, there is also a significant network of smaller organisations in the supply chain that help keep the infrastructure operating."
Penman says C-Suite and security teams should determine just how ready they are should an incident occur: "This is important not just from a cybersecurity point of view, but also a policy point of view. If they haven't already, now is the time for organisations to dust off their incident response plans and make sure their cybersecurity policies are up to date.
"These plans shouldn't then just be filed away or put back in a locked drawer somewhere. They need to remain front and centre," he said. "Organisations also need to look at who they have access to - both internally and externally and make sure all hands are on deck.
"Working with a partner such as Kyndryl, who has the engineering capabilities to secure the technology systems Australians and New Zealanders depend on every day, can help organisations anticipate, protect against, and recover from potential threats."