IT staff warned cyberattacks may follow Ukraine invasion • The Register

As the invasion of Ukraine heads into its third week with NATO allies ratcheting up sanctions against Russia, infosec vendors have urged Western governments and businesses to prepare for retaliatory cyberattacks.

According to Mandiant, Ukraine remains the top target for destructive or disruptive cyberattacks. That said, several US and EU sectors including government, financial services, energy and utilities, and transportation face a “moderate-high” risk of attack from Kremlin-backed miscreants. Media outlets, meanwhile, face a “moderate” risk. 

So far, apart from a few standout moments – such as web systems being knocked over, wiper malware infecting machines, and satellite communication terminals coming under attack – there’s been little indication of a serious, widespread escalation in cyberwarfare between Russia and Ukraine and its allies.

“The nature and length of NATO and Western sanctions and responses likely will heavily influence Russia’s perception of high-priority targets for retaliation,” warned Mandiant, which sells cyber-defense products and services.

“Organizations making public statements condemning Russian aggression and/or supporting Ukraine and organizations taking actions to restrict Russian participation in international commerce, competitions, and events face elevated risk of future reprisal.”  

This warning comes as a slew of tech companies have pledged to drastically scale back sales in Russia and Belarus, if not quit both countries altogether. Others, including Cloudflare and Akamai, have said they’ll keep their networks up and running in Russia to provide its citizens with connectivity to the rest of the world — but they’ve also said they stand with Ukraine.

At the very least, as we’ve previously reported, Western governments and organizations should prepare for Russian cyber-espionage, according to soon-to-be-Google-owned Mandiant. However, threat actors like Sandworm and the…