If it seems like there’s more security breaches than ever in just the last month, you’re not wrong. Long story short, Russia attacks Ukraine, anonymous hackers around the world support Ukraine and attack Russia via the Internet.
Russia retaliates. The key here is to understand that every nation-state has a collection of “secret” security flaws that they keep in their back pocket for a rainy day. By not telling anyone, and also not exploiting it themselves, a flaw may remain hidden for years. And Russia has decided to open their Pandora’s box of rainy-day flaws, leveraging their worldwide botnets numbering in the millions to basically attack everybody at once.
In other words, WW3 has started, in cyber-space.
The biggest challenge here is the sheer numbers. Not of the botnets, but of the flaws themselves. When security researchers discover a new attack, it takes time to figure out how it’s being used and how to detect and defend against it. Most teams working on this sort of thing were already stretched for resources, now they are literally having to triage what to work on, and where a typical flaw might have only taken a few hours or days to understand before, it may be weeks or longer now.
What to do? The question is no longer whether you’ll get breached (you will!) but how far it gets and how quickly it’s detected and stopped.
Network segmentation, Balkanization of data, and traditional firewalls and anti-virus etc still have their place, but layered security, with AI-driven behavior analysis and traffic analysis included, with 24/7 SOC support, is no longer a luxury but an absolute requirement these days.
Fortunately, the tools that used to only be accessible with a Fortune-500 budget are becoming available to SMBs/SMEs as well. Understand and deploy them, now!