*By Paulo Costa
We could not imagine that it would be possible to affect a group of people or even a nation by being inside a room using a computer, which used for evil can create a negative impact on a country's economy or even result in the destruction of several human lives. Concerned about this possibility and seeking greater security, governments have invested in a cyber security army, both for defense and for identifying and preventing a possible attack.
There is debate among cybersecurity experts about what kind of activity constitutes a Cyber War, but we can define it as a cyber attack or a series of hacking attacks targeting a country, with the potential to wreak havoc on government and civilian infrastructure by disrupting the functioning of critical systems, resulting in damage to the State and even loss of life.
the current battle
Ukraine has always accused Russia of carrying out attacks on government websites as tensions between the two countries escalate. The declaration of war on 24 February also signaled increasingly potent cyber attacks against Ukrainians.
The internet connection in Ukraine has been unstable since then, especially in the South and East, where Russian ground attacks are also concentrated.
In recent months, several official channels have been affected by “massive cyberattacks”. On the other hand, the hacker group Anonymous has declared “cyber warfare” against Russia. After the statement, official government websites were taken down in retaliation for measures imposed by Vladimir Putin.
Ukraine is also taking further steps to achieve higher levels of national cybersecurity. On February 26, Ukraine announced the creation of a cybersecurity army to defend against hackers and launch counterattacks, organized by Ukraine's Ministry of Digital Transformation.
The main types of cyber warfare attacks
- Denial of Service (DDoS) attacks: It is the type of attack that can be used to disrupt operations and critical systems and block access to sensitive websites by civilian, military and security personnel or public bodies.
- Power grid attack: Grid attacks are carried out to disrupt both power supply and telephone communication and Internet access.
- Economic disruption attacks: Its priority is to target computer networks of economic establishments such as stock markets, payment systems and banks to steal money or prevent people from accessing the funds they need.
- Surprise Attacks: It's a massive attack that the enemy isn't expecting, allowing the attacker to weaken their defenses. This can be done to set the stage for a physical attack in the context of hybrid warfare.
Tips to protect yourself from cyber attacks.
- Enable Multi-Factor Authentication: use multi-factor authenticationacross all your accounts, including email, social media, shopping and financial services, for extra protection.
- Software: update the antivirus and malware, operating systems and applications, especially browsers, on all devices, including cell phones, tablets, desktop and laptops.
- Think before you click: Most cyber attacks start with an email. phishing mail, which looks legitimate but is not and can be used to steal your passwords, social security numbers, credit card numbers and other sensitive information or to run malicious software.
- Use strong and unique passwords: Secure all your account credentials, including username and password. Use strong passwords and don't reuse them.
- Don't believe everything online: At first in a current war, people must be very cautious with the information they share.
- Back up important files: It is always recommended that we leave our information and files in a safe and reliable place, being a good practice to allocate backup in the cloud and on external drives.
- Using a VPN on the public internet: It can provide an additional layer of protection between your devices and the Internet by hiding your IP address and location. It can also encrypt your data.
— Paulo Costa is Cyber Security | Ethical Hacker | Red Team | Blue Team at [SAFEWAY]
How can we help?
THE SAFEWAY is an Information Security consulting company recognized by its clients for offering high value-added solutions through projects that fully meet the needs of the business. In 14 years of experience, we have accumulated several successful projects that have earned us credibility and prominence with our clients, who largely make up the 100 largest companies in Brazil.
today through 25 strategic partnerships with global manufacturers and our SOC, SAFEWAY is considered a one stop shopping with the best solutions in technology, processes and people. We have both the technical skills and the experience necessary to assist your company in the process of structuring controls and preparing the environment for the implementation of an ISMS, SGS or SGCN and, consequently, certification of operations, services or companies to the ISO27001, ISO20000 or ISO22301 standards.
In order to support companies in this process of evaluation and adaptation to the requirements of the LGPD, [SAFEWAY] has in its portfolio of services, the Cybersecurity Health Check whose objective is to carry out a diagnosis of the CyberSecurity, Information Security and Data Privacy implemented in your company, contemplating the pillars of Law Suit, People and Technology.
through the Cybersecurity Health Check, risks associated with information security and privacy of internal processes and activities are identified, existing controls and new controls evaluated according to the size of your organization to increase the level of maturity and compliance, in accordance with good information security practices. If you would like more information, contact one of our experts!
