European regulators (5, 6) have called on EU public and private sector organizations to improve their overall resilience to cyberattacks. CERT-FR and ANSSI are calling on French organizations to increase their cyber vigilance (7). Authorities warn that the following sectors would be more likely to be targeted by a Russian cyberattack in the near future: banking, defense, communications services and the energy sector.
Aside from the preparations for the conflict back in the end of January, we were able to observe cyberattacks against logistics sector, specifically attacks on port infrastructure.
Today, we believe that the impact of the conflict on organizations from countries other than China, Russia, Belarus, Venezuela, Northern Korea and Syria, could be the effect of indirect attacks on Eastern Europe or allied countries with which French entities have a technical, physical or human liaison (i.e., Northern European energy transit, major port terminals etc). As a reminder, NotPetya, originally designed and deployed to target Ukraine, had infected, and crippled a significant number of organizations outside Ukraine such as France, Germany, Italy, USA and United Kingdom among other countries.
Russia may support opportunistic malicious actors in order to weaken any entities belonging to countries adhered to NATO. These malicious actors could take advantage of Russian invasion of Ukraine to distribute and spread malware (e.g., through Ukrainian companies). Thus, it is necessary to prepare against significant increase in malicious campaigns on “Western” organizations and entities.
Several editors have furthermore observed an upsurge in cyberattacksagainst energy, aviation and media sectors in Europe since the beginning of February 2022 by threat actors allegedly geolocated in Russia (RansomExx, LockBit, Hive, BlackCat, BlackByte and Conti).