An increase in cyber-related incidents across the European Union has spurred several regulatory agencies to raise awareness around cyber resilience and cybersecurity best practices as tensions rise globally due to potential conflict in eastern Europe. 

The European Union Agency for Cybersecurity (ENISA) and the Computer Emergency Response Team (CERT-EU) published information and guidelines for public and private organizations in the EU on February 14, 2022, citing the increase in cyber-related incidents across the EU. This action follows the release of the PCI Security Standards Council & National Cybersecurity Alliance’s Ransomware Bulletin, which aims to raise awareness of ransomware events in light of increased high-profile incidents globally. 

The joint publication outlines ransomware, the monetization of cyber incidents and attacks on government infrastructure as critical concerns. Additionally, the publication outlines the following cyber resilience best practices:

  • Conduct password management, use multifactor authentication (MFA) where possible and monitor credentials where the use of MFA is not possible.  
  • Continually monitor and update software. 
  • Obtain visibility into your organization’s vendor ecosystem and have a third-party risk management plan in place.  
  • Ensure your cloud networks are tightly secured. 
  • Secure and back up all data on a scheduled basis.
  • Practice network segmentation. 
  • Train employees across the organization on cybersecurity best practices regularly.  
  • Test systems regularly. 

Read our blog for more insight on cybersecurity trends and best practices.

Why Cyber Resilience and Why Now? 

Historically, cyber gangs like REvil have attacked critical government infrastructure, leaving open critical gaps and potentially exposing important data. As global tensions rise, NATO and other key players across the EU are anticipating large-scale cyberattacks.

While tensions in Europe escalate, hackers are defacing government websites and placing malware inside key servers. Governments across the globe are focusing on preemptive attack defense as concerns about hybrid warfare and cyberwarfare arise and conversations about attacks on the US, NATO and other regions of Europe surface.

Agencies like CISA have responded, citing the attacks as a reason to be on high alert for potential threats and magnifying the importance of cyber awareness and resilience on a global scale. 

What Is Hybrid Warfare and How Does It Relate to Cybersecurity?

Hybrid warfare is a wartime strategy that combines conventional and unconventional attack methods. The goal of hybrid warfare is to exploit and create gaps in enemy defenses from multiple vantage points, ultimately leading to subversion. Hybrid warfare benefits the attacker in that it forces the target to spread resources across multiple areas to effectively detect, deter, and counter attacks, leaving a potentially larger margin for error and subsequent means of infiltration.

The Impact of Cyberattacks in Times of Political Unrest 

Cyberattacks meant to disable key functions of government servers and infrastructure are a tactic, known as cyberwarfare, that is used as an attack vector in hybrid warfare. Cyberwarfare is an indirect attack, allowing governments to assume less risk without sacrificing the effectiveness of kinetic operations, making it a worthwhile and potentially fruitful strategy. 

What Actions Are Being Taken? 

The US government, NATO and the European Union (EU) are placing high emphasis on cybersecurity. Each collaborates to analyze recent attacks, investigate all reported incidents and coordinate with CISA to ensure that agencies are prepared to mitigate risk on an ongoing basis. Recent actions include:

Read our blog to learn more about recently released cybersecurity best practices from agencies around the globe.