Amid the Russian invasion of Ukraine and resulting U.S. and European Union sanctions on Russia, President Joe Biden has denied reports that he was considering cyberattacks against the country. However, two attacks on Ukrainian government websites serve as a reminder for businesses to double-check cybersecurity practices and software.

“The main thing right now to be worried about is the hacks are up,” said David Willett, Spark Underwriters founder and chief underwriting officer. Willett previously worked for the cybersecurity firm Assured Enterprises.

“When other people are hacking with increased activity – let’s say that they happen to be in a given area – it inspires other hackers in other parts of the world to hack as well because they know when everybody’s doing it it’s even easier to do it for them. It’s not just like a certain part of the country is going to be doing it. It’s going to be the whole world. … Financial transactions right now are really targeted. A lot of the sanctions have to do with blocking financial instruments.”

Willett recommends business owners and their employees:

• Be vigilant against phishing emails by looking closely at emails from external parties and never clicking on a link in the email without being certain it’s safe;
• Always report suspicious links and emails;
• Use a virtual private network (VPN) to protect your online privacy and identity on phones and tablets, such as the free app ShadowNet;
• Make sure security software on computers is always updated to the latest version to better protect against threats;
• Limit social media use to entertainment only because of the high frequency of hacking on the site; and
• Avoid clicking links on entertainment, food, cooking, and cheap travel sites because they’re a hotbed for hackers.

All of Willett’s tips can also be applied to individuals on their personal devices. Specifically, in regard to social media, Willett said, “If you have the app and are using it properly, it will block communication to parts of the world you probably have no idea your phone sends signals to on your behalf.”

Collision repairers, along with several automotive employees, have an added cybersecurity responsibility when it comes to vehicles equipped with advanced driver assistance technologies (ADAS), according to the National Highway Traffic Safety Administration (NHTSA).

“To ensure a comprehensive cybersecurity environment, NHTSA has adopted a multi-faceted research approach that leverages the National Institute of Standards and Technology Cybersecurity Framework and encourages [the automotive] industry to adopt practices that improve the cybersecurity posture of their vehicles in the United States,” NHTSA’s website states.

Last week during a Collision Industry Electronic Commerce Association (CIECA) webinar, Brandon Laur and Steve Driz with CCi Global Technologies warned ransomware attacks are a huge problem for the collision industry right now and have recently become more sophisticated. They said no one in a business should be given full administrative control and access to data because if they become compromised, everyone will be. Laur and Driz provided other useful cybersecurity risks during the webinar that are highlighted in this article.

To avoid phishing attacks, the Federal Trade Commission recommends setting up security software on computers and phones to conduct automatic updates. Multi-factor authentication should also be used to log in to online accounts and data backed up, according to the FTC.

IMAGES

Featured image credit: courtneyk/iStock

More information

Auto body shop cyberattack vectors can include employees, IT remote access