Blog

What Concerns Cyber Pros Most About the Invasion of Ukraine

Mar 22, 2022

What Concerns Cyber Pros Most About the Invasion of Ukraine As the invasion of Ukraine continues alongside a pronounced increase in online disruption aimed at the main sanction-imposing economies, speculation is rampant that a barrage of related cyberattacks on Western allies will at some point result in a mega breach or worse – an incident that may affect critical infrastructure and damage public utilities or vital data stores. To better understand how cybersecurity professionals are assessing the situation, we conducted a poll of (ISC)² members.

More than 260 (ISC)²-certified cybersecurity professionals from 41 countries participated, including Ukraine and the Russian Federation. They represent 33 different industries, with the most in financial services, followed by IT services and healthcare. These are their insights.

Not surprisingly, cybersecurity professionals all over the world are concerned about a rash of new threats emerging from the conflict, including ransomware, data-wiping malware, Zero Days and DDoS attacks. Their other concerns generally fall into one of five categories. 

Critical infrastructure and the supply chain

The top concern across the board was the immediate threat to critical infrastructure and essential supply chains that would put lives at risk anywhere in the world.

“Critical infrastructure may be attacked by DDoS, affecting the availability of systems and causing inconvenience to citizens in terms of water, electricity and travel,” said one respondent from China.

A member of the German military was concerned “that the hacktivist efforts against Russia will be incorrectly attributed to the U.S. and will lead to an escalation such as a large scale cyberattack on U.S. critical infrastructure and/or the banking sector…”

“Critical Infrastructure and utilities will be affected. There are serious gaps and vulnerabilities that exist in critical infrastructure, and these will be exploited by the adversary with devastating effect,” said one respondent from India.

A software developer from the U.K. remarked that “collateral damage to supply chains and providers, which in turn impacts delivery of essential services and supplies and the mass movement of populations causing major disruption to economies” is the biggest concern.

“I am concerned about another critical infrastructure incident similar to the Colonial Pipeline breach,” said another U.S. respondent working in higher education.

And one respondent from Sweden worried that “key infrastructure with flex OT [Operational Technology] will be compromised and stop functioning, [including] power, logistics, food supply chain and bank systems.”

Lack of preparedness

In addition to being concerned about how attacks could shut down critical functions of society, respondents were also concerned about the level of preparedness that exists to combat such attacks.

“I am worried that few companies have a sufficient incident response system,” said one IT services manager in Japan.

“Operational capacity and readiness” was the top concern for a member of the U.S. military.

A respondent from the financial services sector in Myanmar added, “. . . every country should assess security risks on their critical infrastructure and implement appropriate mitigation controls before it is too late. National CERT (computer emergency response) teams continuously assess the national cyber spaces and should inform private and public organizations about updated threats including prevention techniques.”

And a respondent from Oman said, “[a] number of organizations are not ready for quick response to cyberattacks and rebuilding the environment to continue business.”

Data Loss/Ability to do Business

While critical infrastructure and supply chains are of primary concern, cybersecurity professionals also worry about threats to businesses and how their customers could be impacted financially.

A member of the Japanese government remarked that “finance institutions may not be able to conduct business, people may not be able to get access to their bank accounts or pay bills.”

A Norwegian poll respondent was most concerned about “common operational infrastructure for banks.” And in Malaysia, one member lamented the chance of a “total shutdown of business.”

A respondent from Singapore in the financial services sector indicated that “financial interruptions” are the biggest concern right now.

Precedent

Respondents also looked beyond the current wave of attacks to the future. They questioned whether cyberwar tactics would become a global norm.

“Cyber warfare is now a reality and is equally important along with traditional warfare. Hence, having both attack and defense strategies in line with traditional warfare to maintain one’s national sovereignty is a must,” said a respondent from India.

While a member from Ghana said, “my biggest concern is the potential for cyberattacks to become a ‘legitimate’ weapon in modern day warfare.”

Opportunism

Some respondents foresaw the possibility of non-related attacks taking advantage of the worldwide attention on Ukraine to sneak by undetected.

One Japanese member cited “increased cyberattacks in the wake of confusion” as concerning.

Another Japanese respondent said their top concern is “phishing scams disguised as donation requests.” While an MSSP IT services manager in The Netherlands remarked, “if ever Zero Days and managing/protecting against abusing them was important, this period will probably prove we need to up our game there.”

Let’s Not Lose Sight of the Human Cost

What’s clear is that cyber professionals everywhere are concerned about the ramifications of the invasion. Even as cyber threats are weighed, some respondents sent a reminder that it’s important not to lose sight of the fact that human lives are at stake in Ukraine.

One Taiwanese cyber professional in the education field indicated the top concern right now is for “human rights.”

Meanwhile, a respondent from Ukraine summed up their feelings on cyber threats by simply saying, “Right now all our services are under physical attack, so cyberattacks in comparison with physical [destruction] of our infrastructure and people [takes] second place.” This sentiment was also echoed by a Russian Federation professional, who when asked the same question about their top concern summed it up by saying, “People’s lives.”

What are your biggest concerns about the Ukraine invasion? Join the ongoing discussion in the (ISC)² Community forum.

Stay Prepared

Read the (ISC)² Cyber Preparedness Guide today by visiting “Steeling For Disruptive Cybersecurity Attacks on Business and Infrastructure .”