Managing Third-Party Risks and Prioritizing Vulnerability Management Programs with HoundER ASM
A Year of Ongoing Russia-Ukraine Conflicts: Assessing the Impacts on the Digital Supply Chain
February 23, 2023
As the conflicts between Russia and Ukraine reach their one-year mark, the impacts on the global cyber threat landscape are becoming increasingly clear. Since it started, tens of thousands of people have been killed, millions of Ukrainians have fled and the country has sustained tens of billions of dollars worth of damage. Importantly, this marks the first time that cyber activities have played such a prominent role in a world conflict, so too it has exposed the high risks of disruption to the Digital and Analog Supply Chains.
“
"The Digital Supply Chain is the result of the application of electronic technologies to every aspect of the end-to-end Supply Chain. Electronic connectivity is at the heart of the Digital Supply Chain as enabled by a plethora of disruptive technologies including Cloud Computing, IoT, Blockchain, Big Data, Artificial Intelligence, Machine Learning, amongst others."
Immediately after the conflict broke out, suspected pro-Russian cyber-attacks were observed over a 48-hour period at an increase of over 800%. U.S. cyber security agencies, the FBI, and the Department of Homeland Security have all shared high alerts covering threat levels, preparedness, and response. One of the reasons why this conflict has such an impact on the cyber space is that both Russia and Ukraine are major players in the global technology industry. A year ago, Ukraine in particular, performed as a key hub for IT outsourcing and software development, with many international businesses relying on Ukrainian talent and expertise to maintain their digital operations. As such, any disruption to the Ukrainian tech industry has been creating a knock-on effect across a wide range of industries and companies worldwide.
Meanwhile, Russia has been linked to several high-profile cyber attacks in recent years, including the SolarWinds breach, which targeted a range of US government agencies and private sector organizations. The Colonial Pipeline ransomware attack in May 2021, which caused widespread fuel shortages and panic buying across the southeastern United States, has been attributed to Pro-Russia threat actors. The attack, which was carried out using the DarkSide ransomware, resulted in the shutdown of one of the largest fuel pipelines in the country for several days, causing substantial disruption to critical infrastructure and the economy as a whole. Those incidents highlight the geopolitical tensions as state-sponsored cyber threats have a profound impact on global cyber security. It also underscore the importance of robust cyber security measures and effective risk management practices for businesses and organizations of all types.
Pro-Russia cyber threat actors may have a range of motivations for targeting NATO members and its allies, including political, economic, and strategic objectives. For example, they may seek to disrupt critical infrastructure, gather intelligence, or gain leverage in negotiations or other diplomatic efforts. In some cases, state-sponsored attacks may be designed to support broader geopolitical goals, such as expanding influence or challenging the dominance of Western powers, providing a counterbalance in the region. Additionally, cyber attacks can be seen as a low-cost and low-risk means of projecting power and exerting influence in areas where more traditional methods may be ineffective or counterproductive.
According to a Google report, in early 2022, the pro-Russian attackers shifted their focus to targeting Ukrainian organizations, the Ukrainian government, and European humanitarian and non-profit organizations. The group’s targeting wildly varied from European NGOs to less targeted attacks on Ukrainian government entities, organizations and individuals. Rather uniquely, these groups demonstrate strong interest in breaching businesses operating in the hospitality industry of Ukraine, going as far as launching multiple distinct campaigns against the same hotel chains. This overlap of activity is likely to continue throughout the conflict and affect other industry verticals with the potential to disrupt digital supply chains across multiple geographies.
Meanwhile, Russia has been linked to several high-profile cyber attacks in recent years, including the SolarWinds breach, which targeted a range of US government agencies and private sector organizations. The Colonial Pipeline ransomware attack in May 2021, which caused widespread fuel shortages and panic buying across the southeastern United States, has been attributed to Pro-Russia threat actors. The attack, which was carried out using the DarkSide ransomware, resulted in the shutdown of one of the largest fuel pipelines in the country for several days, causing substantial disruption to critical infrastructure and the economy as a whole. Those incidents highlight the geopolitical tensions as state-sponsored cyber threats have a profound impact on global cyber security. It also underscore the importance of robust cyber security measures and effective risk management practices for businesses and organizations of all types.
Pro-Russia cyber threat actors may have a range of motivations for targeting NATO members and its allies, including political, economic, and strategic objectives. For example, they may seek to disrupt critical infrastructure, gather intelligence, or gain leverage in negotiations or other diplomatic efforts. In some cases, state-sponsored attacks may be designed to support broader geopolitical goals, such as expanding influence or challenging the dominance of Western powers, providing a counterbalance in the region. Additionally, cyber attacks can be seen as a low-cost and low-risk means of projecting power and exerting influence in areas where more traditional methods may be ineffective or counterproductive.
According to a Google report, in early 2022, the pro-Russian attackers shifted their focus to targeting Ukrainian organizations, the Ukrainian government, and European humanitarian and non-profit organizations. The group’s targeting wildly varied from European NGOs to less targeted attacks on Ukrainian government entities, organizations and individuals. Rather uniquely, these groups demonstrate strong interest in breaching businesses operating in the hospitality industry of Ukraine, going as far as launching multiple distinct campaigns against the same hotel chains. This overlap of activity is likely to continue throughout the conflict and affect other industry verticals with the potential to disrupt digital supply chains across multiple geographies.
“The most significant risks of these attacks for international businesses and enterprises worldwide, particularly those that rely on technology and digital infrastructure to conduct their operations, is the disruptions to digital supply chains. Data breaches, and other cyber attacks can result in huge financial losses, reputational damage, and other negative outcomes, and can even pose a threat to national security in some cases." — S. Martins
Considering these risks, it is essential for organizations to take steps to manage their digital attack surface and strengthen their cyber security programs. This means investing in robust threat intelligence capabilities to detect and respond to potential attacks, as well as implementing strong access controls and other cyber security best practices.
Looking ahead to the 2023 threat landscape, it is likely that we will see an increase in state-sponsored cyber attacks as tensions between Russia and Ukraine continue to simmer. Whatever the ultimate outcome of the conflict turns to be, the cyber world will never be the same. In addition, we can expect to see continued growth in the use of artificial intelligence and machine learning by both attackers and defenders, as well as an increasing focus on supply chain security as a key area of vulnerability.
Looking ahead to the 2023 threat landscape, it is likely that we will see an increase in state-sponsored cyber attacks as tensions between Russia and Ukraine continue to simmer. Whatever the ultimate outcome of the conflict turns to be, the cyber world will never be the same. In addition, we can expect to see continued growth in the use of artificial intelligence and machine learning by both attackers and defenders, as well as an increasing focus on supply chain security as a key area of vulnerability.
“
Perhaps most notably, of course, we see a war taking place, for the first time, in a context that includes the widespread presence of smart phones, internet connected devices, and social media. But, again, these are just hints of what the future of war between advanced powers would be. In such a conflict, the intelligence, surveillance and reconnaissance systems would be incomparably more capable. And there would incomparably greater numbers of vastly more capable unmanned systems (some remotely piloted, others operating according to algorithms) in every domain – not just in the air, but also at sea, sub-sea, on the ground, in outer space, and in cyberspace, and operating in swarms, not just individually! And every intelligence and strike capability will be integrated and connected by advanced command, control, communications and computer systems. An adage back in the Cold War days stated, “If it can be seen, it can be hit; if it can be hit, it can be killed."
The same is true for digital assets in the cyber space.
To respond to these new threats, businesses should focus on building strong, proactive cyber security programs that prioritize threat intelligence, employee training, and effective incident response plans. This may involve working closely with third-party vendors and partners to ensure that supply chains are secure, by mapping their digital attack surface, and implementing zero trust security models.
HoundER ASM provides attack surface intelligence that can help businesses accelerate third-party assessments and addressing the priorities of their vulnerability management programs. By providing comprehensive visibility into an organization's digital attack surface, it enables companies to identify and prioritize potential risks and vulnerabilities, including those posed by third-party vendors. This can help organizations to develop more effective and efficient strategy to manage cyber risks, reducing the risk of cyber attacks. One key way that HoundER differentiates itself from competitors is by leveraging its unique combination of cost-effective continuous assessment with thousands of custom checks powered by AI, which enable businesses to stay ahead of emerging threats.
In conclusion, businesses must be vigilant and proactive in managing their cyber security risks, particularly in the face of ongoing geopolitical tensions and evolving threat landscapes. By investing in strong third-party risk management programs and leveraging solutions like HoundER ASM, companies can protect themselves and their customers from potential cyber attacks, reduce digital supply chain disruptions, while maintaining the trust of their stakeholders in an increasingly complex digital world.
To respond to these new threats, businesses should focus on building strong, proactive cyber security programs that prioritize threat intelligence, employee training, and effective incident response plans. This may involve working closely with third-party vendors and partners to ensure that supply chains are secure, by mapping their digital attack surface, and implementing zero trust security models.
HoundER ASM provides attack surface intelligence that can help businesses accelerate third-party assessments and addressing the priorities of their vulnerability management programs. By providing comprehensive visibility into an organization's digital attack surface, it enables companies to identify and prioritize potential risks and vulnerabilities, including those posed by third-party vendors. This can help organizations to develop more effective and efficient strategy to manage cyber risks, reducing the risk of cyber attacks. One key way that HoundER differentiates itself from competitors is by leveraging its unique combination of cost-effective continuous assessment with thousands of custom checks powered by AI, which enable businesses to stay ahead of emerging threats.
In conclusion, businesses must be vigilant and proactive in managing their cyber security risks, particularly in the face of ongoing geopolitical tensions and evolving threat landscapes. By investing in strong third-party risk management programs and leveraging solutions like HoundER ASM, companies can protect themselves and their customers from potential cyber attacks, reduce digital supply chain disruptions, while maintaining the trust of their stakeholders in an increasingly complex digital world.
Request a demo today
Learn how HoundER ASM can increase the visibility of your digital attack surface.