April 14, 2022
9 Ways to Protect Your Business from Cyber Warfare
by Suresh Dakshina, president and co-founder of Chargeback Gurus
Not long before Russia launched its invasion of Ukraine, the US Cybersecurity and Infrastructure Security Agency issued a warning for organizations to beef up their network security and be on the lookout for increasing cyberattacks. While many IT professionals have been in the virtual trenches fighting off state-sponsored hackers and cybercriminals for years, such attacks have yet to reach the full damaging potential of open cyberwarfare. As international sanctions ramp up the pressure on Russia and reduce its options, the danger of retaliation via cyberattack increases.
As things already stand, cyberattacks are a costly and growing problem for businesses, nonprofits, government agencies, and any other organization that performs critical functions or stores valuable data. Incidents have risen by 600% over the past two years, with 30% of organizations worldwide reporting increasing attacks against their IT systems. When those attacks result in a successful data breach, the cost to the victimized organization is more than $4 million on average.
Merchants already needed to be thinking hard about how to protect their businesses from cyberattacks, and the recent warning from CISA only underscores the urgency of coming up with a defensive strategy and implementing best practices against phishing, malware, social engineering, and the other weapons of cyberwarfare.
Whether these threats intensify due to the conflict in Ukraine or continue to grow at the current trajectory, these guidelines can help protect your organization and minimize harm.
1. Protect your hardware
At the industrial level, cyberwarfare isn’t just about stealing data. Hackers can cause real physical damage to network-connected machinery by sending malicious instructions or disabling component systems. The growth of the internet of things has only expanded the attack surface for these threats.
Critical equipment will require specific and customized defenses, but basic power disruptions can be guarded against by using surge protectors and uninterruptible power supplies.
2. Keep your software updated
Software bugs and security loopholes often provide an entryway for bad actors. The best thing you can do to minimize vulnerabilities in this area is to use the latest versions of your operating systems and other software, update them regularly, and install security patches as soon as they are released.
If you’re reliant on legacy systems that are no longer being supported and updated by their developers, it may be time to replace them.
3. Put up hardware and software firewalls
Firewalls are still necessary defensive measures, even if they need to be supplemented with other methods. They can stop harmful internet traffic from being received by or sent from your network and should be installed on all of your organization’s online devices—servers, computers, laptops, tablets, phones, and anything else that connects to your network. That includes remote work devices, even if they’re connecting through a VPN.
As part of your firewall, you may want to include an intrusion detection/prevention system to help identify threats sooner, as well as email and web browsing filters to prevent employees from following links to harmful sites.
4. Lock down wireless access points
Hackers love wireless devices because they don’t need physical access to them in order to compromise their security and use them as points of access to the larger networks they’re connected to. Defenses on your wireless devices—routers, modems, IoT—need to be extra hardened. Make sure all default passwords are changed to strong ones, turn off SSID broadcasting, and allow only protected, encrypted access. If you offer wireless internet to your customers or guests, make sure that network is completely separate from your business network.
5. Back up your data
Some cybercriminals steal data, like payment card credentials, for their own use. Others are only interested in your data so they can hold it hostage. Backups, stored on media that is disconnected from vulnerable networks, can provide an insurance policy against this type of attack.
6. Encrypt sensitive information
Data that is sensitive, private, or otherwise of particular interest to cybercriminals should be encrypted on all devices. Be sure to follow all the recommended protocols for storing and sharing your encryption keys.
7. Beware of dumpster divers
Contrary to popular stereotypes, cybercriminals are perfectly willing to leave their basement lairs and do some legwork to ensure the compromise of a targeted organization. One common tactic is to dig through the organization’s garbage in search of physical media, jotted-down passwords, and other exploitable information. Data can also inadvertently end up in the hands of bad actors when devices are donated or sold.
Just as sensitive documents need to be shredded before you discard them, devices and storage media need to be thoroughly wiped or destroyed once you are ready to dispose of them.
8. Educate your staff
Cyberattacks often succeed not because of superior technology or ingenious hacking skills, but by exploiting human error. Your employees are your first and best line of defense against malicious intrusions, but they have to know what to look for and how to respond when they believe they are being targeted. Show them the threats they are likely to face, run simulated phishing attacks, and give them a clear procedure to follow for reporting incidents.
It’s also smart to create a data use policy and restrict the access granted to employees and contractors based on actual needs. That goes for system administrators, too—giving their accounts rights and privileges that they don’t actually need just creates major security vulnerabilities where none need to exist. The goal isn’t just to provide rote training, but to make cybersecurity a priority in your overall workplace culture.
9. Conduct regular security audits
The only way to know for sure whether your protective measures are working is to review them periodically. Defenses should be assessed as thoroughly as possible before they’re tested by a genuine attack, and any weaknesses that you can identify should be addressed immediately.
By nature, cyberwarfare is a rapidly evolving threat. Audits must be done on a regular, recurring basis to account for changing methods of attack, new technologies, and accumulated knowledge.
Shields Up, Merchants
There’s no way to know for sure whether the outbreak of open cyberwarfare would subject the typical retail merchant to more fraud and cyberattacks than they already routinely experience. Given that merchants are already under constant threat, and that cyberattacks purposely intended to disrupt economic activity could be distributed unpredictably, it makes sense for merchants to maintain a “shields up” posture at all times.
The cybersecurity landscape could change dramatically in the months ahead depending on what Russia chooses to do, but for many retailers, the consequences of a data breach are just as bad whether the perpetrator is a state-backed professional or a resourceful hobbyist. Maintaining a strong commitment to cybersecurity will protect merchants from basic threats and put them in a better position to adapt and respond should attacks escalate.
About the Author
Suresh Dakshina is the President and co-founder of Chargeback Gurus. He holds a master’s degree from the University of Southern California and has consulted Fortune 5000 companies for over a decade on chargeback and fraud minimization. Suresh also works closely with card networks such as Visa and American Express on chargeback process optimization and compelling evidence policies.