
Rob Shapland, Head of Innovation and Ethical Hacker, joined the BBC World Service’s Newsday programme discussing the warning the US have issued to businesses that Russian cyber attacks may increase in response to Western sanctions.
Listen back here on BBC Sounds from 15.29 minutes:
https://www.bbc.co.uk/sounds/play/w172xv368xzksy1
Newsday: The Kremlin on Tuesday rejected warnings by the US that Russia could potentially conduct cyber attacks in response to western sanctions.
Lets head over to our business sets in Hong Kong to speak to Andrew Wood. Andrew you’ve got more in this?
Andrew Wood [AW]: Yes, Russia says it doesn’t do such things. It says America does but America is still asking businesses to consider the risks.
Let’s talk now to Rob Shapland at the cyber security consultancy Falanx Cyber.
A good morning to you Rob, the European Commission is proposing new regulations to monitor cyber security. Sounds like that’s coming rather late – now that there’s a war going on in Ukraine.
Rob Shapland [RS]: Morning Andrew, yeah it is rather late. I mean this is stuff we should have been doing a long time ago. We’ve known for a while that a lot of our businesses are particularly vulnerable to cyberattacks and if Russia does expand beyond Ukraine in what is targeting then along these businesses could be very vulnerable so it’s right time to put these regulations in now, but it would be better to put them in earlier definitely.
AW: So what kind of attacks can businesses expect at the moment? How might say a Russian attack be different to just an ordinary hacker who wants to mess around? Or just cause mischief?
RS: Well it seems to be a bit more capable. So there’s two main types of attack that they will see. So first ones called denial of service which is kind of when you’d send a massive amount of data a website or company and knock them offline for a period in time. But it’s a bit like shining a torch in someone’s eyes – you know any last for a few seconds, remove it away and it goes away.
The more damaging ones are ransomware wiper attacks where Russian entities will attempt to infiltrate a network. They’ll then take all the data and either encrypt or just destroy it. Essentially crippled the company so any company that’s not got their cyber security defences in place could potentially be the target of this and it could have a massive effect on their ability to operate as a business.
AW: If you were in the Russian military what would you be targeting in business in the West?
RS: Well, I would be going for critical national infrastructure; water, power, etcetera. That is very well defended but also looking to disrupt the financial system as a way of getting back at the sanctions. They can’t attack us directly without escalating the war but they can do cyberattacks without doing that so I would go for financial institutions try to sort of counteract those sanctions in a way
Okay Rob Shapland at the cyber security consultancy Falanx Cyber. Some useful tips.
Their business could well become collateral damage in the what’s going on well there’s the increasing dispute between the West and Russia over Ukraine.