Close this search box.
Close this search box.

How Russia’s War Against Ukraine Has Amped Up Cybersecurity Threats

© AdobeStock
Russia "is surely looking for plausible deniable ways of affecting EU and U.S. critical industries," says Black Talon Security CEO Gary Salman.
Black Talon Security CEO Gary Salman

Russia’s war against Ukraine has been devastating on many levels. For companies in the U.S. and Europe, one of the top concerns continues to be significantly amped up cybersecurity threats.

In the following interview, Gary Salman, CEO of Black Talon Security in Katonah, New York, shares the biggest weakness in any company’s cybersecurity plan, how companies can respond, and why information chiefs should be on alert to “wiper malware.”

How has the Russia-Ukraine war impacted the urgency of cybersecurity issues for U.S. companies?

The answer to this is varied and primarily depends on the industry and whether Russia or Russia-affiliated hackers perceive value in degrading or denying access to the data and information of those companies. Though there is no specific intelligence released to the general public, we should all expect that Russia is considering ways in which it can inflict costs on the United States, its NATO allies and the EU.

It is reasonable to presume that Russian leadership is angry at the trajectory of their Ukrainian invasion and at the speed and breadth of NATO and EU responses. With that anger, Russia is surely looking for plausible deniable ways of affecting EU and U.S. critical industries, and with those effects achieve its political goals of weakening the anti-Russia political alliance. The probability of these effects rises the longer the war stays a hot conflict, though by no means drops to zero in the event of a ceasefire. U.S. companies in any of the 16 industries deemed critical by the U.S. Cybersecurity & Infrastructure Security Agency should absolutely have shifted to a temporary increased level of security awareness.

What steps should CIOs and IT departments be taking now to avoid potential cyberattacks?

Employee awareness reminders and short training reminders between three to five minutes are the first and easiest additional actions that CIOs can take. IT departments should also be increasing their ability to monitor and respond to anomalous user behavior as part of their standard repertoire of extra security in times of heightened likelihood of cyberattacks.

Every company should have a formal plan—or at least several ideas—of how it can improve its continuous cybersecurity monitoring with the resources it has or can divert to IT. This could be as simple as a higher frequency of checking privileged users and their respective roles to increasing off-system logging and log analytics for the next three to six months. The time has long since been ripe for companies to implement multi-factor authentication and cease the sharing of user accounts.

IT departments need to rehearse restoration of their critical data. Many a firm has struggled with the sharp and pointy circumstance of backup tapes, reliably made and taken offsite for months—but then being unreadable, or controllers failing or on backorder, or other fatal errors in the restoration plan. Possessing backups is only a third of a restoration plan!

Finally, companies should be more diligent in rehearsing their adaptations to a variety of cybersecurity situations. Unless the company has ceased to exist, it and its people will adapt. The goal is to make the adaptations more natural, less spur-of-the-moment, which decreases the chances for maladaptation—a form of adapting that companies should avoid.

What information should companies provide their employees to help prevent ransomware or malware attacks?

Humans remain the biggest weakness in every company security plan. Actuarially, the risk of company compromise through unwitting insiders is much more likely than the malicious insider—that is the whole point of phishing attacks. There are a number of firms in the market now that specialize in making cybersecurity training happen in small, easily digestible bites and very engaging—think three to four minutes every other week or once a month, rather than once a year.

Training that is clearly inspired by current events is also much more relatable than the annual 60-minute marathon of training typical in many companies. The training also needs to overcome the proverbial “It can’t happen to me/us” attitude, a perpetual issue for cybersecurity companies. Progressive Insurance’s character “Mayhem” in its commercials is a fun example of trying to overcome attitudes. Is something similar possible in the cybersecurity realm? Absolutely.

What is wiper malware and why is it becoming an increasingly prevalent form of cyberattack against businesses?

Wiper malware is more insidious than previous ransomware. Previous ransomware and its typical deployment aim to profit from the ransom. The insidiousness of wiper malware is that the majority of versions have no mechanism for recovering data. The sole purpose is the deliberate destruction of accessible data at a time optimal for the malicious actor and presumably least optimal for the business.

Malicious actors are not stupid or haphazard—striking before likely busy periods of businesses, or at the beginning of holidays/time periods with no one in the office is a common modus operandi. The fortunate aspect, so far, is that wiper malware does not yet seem to be spreading as fast in the wild as Petya, notPetya and others of the past have spread. Think of that fact as a temporary lull in the prevailing winds. Wiper malware will become more prevalent.


  • Get the CEO Briefing

    Sign up today to get weekly access to the latest issues affecting CEOs in every industry
  • upcoming events


    Strategic Planning Workshop

    1:00 - 5:00 pm

    Over 70% of Executives Surveyed Agree: Many Strategic Planning Efforts Lack Systematic Approach Tips for Enhancing Your Strategic Planning Process

    Executives expressed frustration with their current strategic planning process. Issues include:

    1. Lack of systematic approach (70%)
    2. Laundry lists without prioritization (68%)
    3. Decisions based on personalities rather than facts and information (65%)


    Steve Rutan and Denise Harrison have put together an afternoon workshop that will provide the tools you need to address these concerns.  They have worked with hundreds of executives to develop a systematic approach that will enable your team to make better decisions during strategic planning.  Steve and Denise will walk you through exercises for prioritizing your lists and steps that will reset and reinvigorate your process.  This will be a hands-on workshop that will enable you to think about your business as you use the tools that are being presented.  If you are ready for a Strategic Planning tune-up, select this workshop in your registration form.  The additional fee of $695 will be added to your total.

    To sign up, select this option in your registration form. Additional fee of $695 will be added to your total.

    New York, NY: ​​​Chief Executive's Corporate Citizenship Awards 2017

    Women in Leadership Seminar and Peer Discussion

    2:00 - 5:00 pm

    Female leaders face the same issues all leaders do, but they often face additional challenges too. In this peer session, we will facilitate a discussion of best practices and how to overcome common barriers to help women leaders be more effective within and outside their organizations. 

    Limited space available.

    To sign up, select this option in your registration form. Additional fee of $495 will be added to your total.

    Golf Outing

    10:30 - 5:00 pm
    General’s Retreat at Hermitage Golf Course
    Sponsored by UBS

    General’s Retreat, built in 1986 with architect Gary Roger Baird, has been voted the “Best Golf Course in Nashville” and is a “must play” when visiting the Nashville, Tennessee area. With the beautiful setting along the Cumberland River, golfers of all capabilities will thoroughly enjoy the golf, scenery and hospitality.

    The golf outing fee includes transportation to and from the hotel, greens/cart fees, use of practice facilities, and boxed lunch. The bus will leave the hotel at 10:30 am for a noon shotgun start and return to the hotel after the cocktail reception following the completion of the round.

    To sign up, select this option in your registration form. Additional fee of $295 will be added to your total.