In light of the current conflict happening between Ukraine and Russia, members of NATO have imposed strict economic sanctions against the aggressor country, Russia. Russia is responding to the sanctions in a variety of ways to protect its economic defenses and retaliate against the restrictions. This may directly lead to retribution on US-based corporations, banks and institutions, including in the form of cyberattacks on personal computers as well as the infrastructure such as internet access or the power grid.

The Cybersecurity and Infrastructure Security Agency (CISA) has recently announced that the United States is experiencing a heightened risk of state-sponsored cyberattacks. These attacks have already been detected on the US interweb, including reports of malicious attacks by a cyber actor known as Sandworm or Voodoo Bear.

This cyber actor has been reported to be using a new malware referred to as Cyclops Blink. The virus exploits network devices, primarily targeting small office/home office routers and network-attached storage devices, in an attempt to redirect VPN traffic to unknown locations.

Given the emerging situation, now is a good time to update and educate everyone in your organization about cybersecurity policies and procedures surrounding email use, internet use, and remote access.

The following precautions are useful measures to mitigate known cyberattacks:

• Verify that all links that you are visiting are from known good sites.
• Do not download any software programs whatsoever from unknown sources.
• Do not accept USBs, DCs, DVDs or any other sort of external media without a virus scan.
• Do not allow any remote sessions into your network without authorization.

As cyber threats continue to become more rampant, cybersecurity should remain a top priority for organizations. Aside from this specific malware, there is also now also a rise in the number of attacks targeting Internet of Things (IoT) and other IP-connected devices. 

Without good virtual security, any organization can be impacted by cyberattacks on physical security devices. This could be devastating to organizations, potentially leading to the disruption of business operations or an information data breach that could impact thousands of customers.

To mitigate the risk of cyberattacks at your organization, consider protecting your physical devices by:

• Scheduling regular maintenance and updates for your security systems that are followed religiously consistently.
• Planning for system updates and budget accordingly.
• Ensuring physical security devices are not connected directly to the internet. They should be connected to another physical appliance, such as an NVR, which is connected to the internet while providing another layer of protection between the internet and the device.
• Resetting all device user codes at installation with a unique and secured username and password (ensure they are no longer set to the installer default user code).
• Administering access control credentials properly, including correct access levels and badges are returned or canceled upon separation.
• Ensuring user credentials are properly administered, including correct access levels, regular password updates for all users, and canceling user accounts upon separation.
• Isolating any new system from the internet if possible; if not possible, ensure all devices are protected behind security. Include the IT department in the early planning stages of the project to ensure cybersecurity concerns have been raised and addressed.

Budgets and timelines for securing an organization’s physical devices against virtual attacks vary based on the situation, but they can be planned as part of the annual budget so that there are fewer surprises. Investing in better tools and increasing budgets for professional services, cybersecurity staff, and training or upskilling current staff is critical to keep up with emerging threats and ensure that your organization is protected from cyberattacks.

If this is the first-time cybersecurity for physical security systems is being addressed at an organization, timelines may be longer and there may be a need to request capital or emergency funding for additional hardware, software, and contract support for the implementation. However, once protection is put in place, the ongoing planned maintenance and updates can substantially reduce the risk of a successful cyberattack and limit the potential damage.

Please feel free to reach out to executivesupport@abscosolutions.com for a consultation with a member of our executive team. You can also contact us at salessupport@abscosolutions.com or 1-800-705-1857 for any feedback, questions, or service needs.