SAVANNAH, Georgia (WSAV) – With the Russian invasion of Ukraine, US officials say that country could also be the target of cyberattacks. Homeland Security warns that many businesses in the United States could be exposed to cyber threats.
Frank Katz, assistant professor of information and technology at Georgia Southern University, says most businesses, regardless of size, should review data security measures and strengthen their security.
He says your home computer probably isn’t as much at risk, but your work computer is not.
“A business should be aware of all the devices that are connected to its network and which ones should no longer be connected and need to be disconnected,” Katz said.
Katz says it was an unused server that allowed Russian actors to hack Colonial Pipeline systems last year. The pipeline was shut down for several days.
“The Colonial Pipeline hack last year was caused by them leaving a server connected to their system that hadn’t been used in years, but contained many user IDs and passwords,” Katz explains. “The pirate harvested maybe one or two and decided to attack them that way.”
Katz says companies need to be on high alert and employees need to be more aware that Russian actors may try to target the company via one-to-one emails.
“Companies need to enforce their usage policies and make sure employees are doing what they’re supposed to do,” Katz said.
He expects more companies to be targeted with fake emails asking the employee to click on a link in the email. While clicking that link may seem benign, Katz says it could set off a chain reaction that could allow a hacker to gain access to your company’s system. He says it happens.
“I’m pretty worried,” Katz said. “Finally, some employees might not think twice and if there was an attack, they might indeed let someone into their organization.”
Homeland Security says utilities, banks and hospitals could be particularly targeted.
Katz says employees just need to be aware and careful.
“Never click on a link. This goes for whether you are at home or at work. You should never click on a link in an email to do anything unless you’re absolutely sure it’s secure,” Katz said.
When it comes to your home computer or personal laptop, Katz says there are things you can do to increase security, which, first of all, makes sure you secure your Wi-Fi connection with a strong password. It also says to personally follow the same safety protocols your employer asks you to follow at work. Don’t click on links in emails, even if they look legitimate. He said to always visit a website directly to do business and not to click on links in emails supposedly sent to you by those companies.
Katz also said you should secure your phone with security and antivirus software and use a personal VPN (virtual private network) feature to encrypt purchases and provide other security measures. Finally, he says to be careful when going to a place like a coffee shop and using the free Wi-Fi. Do not pay bills or respond to important emails where personal information might be involved, as these free networks are normally not secure.