A Ukrainian soldier stands at a checkpoint in Kyiv, Ukraine.
According to a threat advisor from cybersecurity firm CyberCX, New Zealand organizations are at increased risk of cyberattacks from pro-Russian criminal groups and “hacktivists” as a result of the war in Ukraine.
The company’s cyber intelligence experts are actively monitoring the conflict in Ukraine and its impact, CyberCX said in a statement. Organizations in New Zealand and Australia face a real chance of ransomware, data theft, extortion and distributed denial-of-service (DDoS) attacks, it said.
CyberCX Executive Director of Security Testing and Assurance Adam Boileau said the most vulnerable companies and organizations are high-profile companies and organizations, particularly if they operate critical infrastructure, have publicly opposed the conflict, are involved in enforcing sanctions against Russia have been involved or operate in sectors analogous to those in Russia that have been targeted by sanctions – such as energy and financial services.
The warning comes after United States President Joe Biden this week urged US companies to ensure their digital doors are tightly closed as Russia considers launching cyberattacks against critical infrastructure targets as the war in Ukraine rages on .
* Biden warns US companies of possible Russian cyberattacks
* Cyber attacks launched in parallel with the Russian military attack on Ukraine
* Russian threat to Ukraine: Kiwi firms advised to prepare for “cyber” outages
“With attacks on energy, logistics and IT organizations in NATO countries already identified, the risk for New Zealand and Australia has definitely increased,” Boileau said.
Kiwis are urged not to underestimate the risk of being hacked.
CyberCX had observed three major cybercrime groups with Russian connections targeting Australian and New Zealand organizations over the past six months, indicating an increased risk for critical infrastructure providers in Australasia.
“New Zealand is definitely on the radar of cyber attackers and should not be led to believe that it is protected due to geographic isolation,” Boileau said.
Cybercriminals with no ideological or geographic ties to the Russia-Ukraine conflict were also expected to exploit it through phishing and cyber-powered fraud attacks against Kiwi and Australian organizations, he said.
Boileau noted that fake calls for donations had been identified on social media sites, including TikTok and Twitter, with scammers claiming to be Ukrainians in dire need of cryptocurrency assistance.
Cyber activities related to the conflict have increased “enormously” as more “noise” in the cybercrime ecosystem makes it more difficult for regional organizations to assess and monitor threats, he said. Hacktivist group activity, hoaxes and misinformation have also skyrocketed, he said.
The National Cyber Security Centre, a branch of the Government Communications Security Bureau, last month advised key New Zealand companies to beef up their cyber defenses in response to heightened tensions between Russia and Ukraine.
The center said there is an increased potential for cyberattacks and encouraged nationally significant organizations to “consider and strengthen” their cybersecurity preparedness.