Protect against Russia-Ukraine heightened cyberthreats

Protect against Russia-Ukraine heightened cyberthreats

As the events in Ukraine continue to develop, we want to be sure you know how Barracuda is supporting customers and partners.

We first want to express our deepest sympathies and solidarity with the Ukrainian people. We also condemn the attacks by the Russian Government on the independent and democratic nation of Ukraine, which have set off a global emergency that will have lasting effects on millions of people.

Barracuda is actively working to help the citizens and nation of Ukraine, including providing support for our customers and partners in Ukraine.

We have set up this resource center to keep our customers and partners around the world updated on the latest information as the situation evolves.

At Barracuda we stand with Ukraine and are united with others in support for the sovereign democratic rights of Ukraine and its people.

Cyberthreat status

The state of cyberthreats due to the Russia-Ukraine crisis is rapidly evolving. Barracuda continues to monitor the activity, harden protections for our customers, and share our analysis and findings to stay at the forefront of cyberattacks. We are also reviewing our own security controls in preparation for increased activity. For details on Barracuda’s own security posture and how we are complying with U.S. sanctions visit our Trust Center. For the latest threat advisories visit our blog.

Best practices

What should you be doing right now?

The Russian government and other entities have announced their intention to cyberattack organizations located in countries that oppose the Russian government.

What does this mean for you and your organization? No matter the industry or size of your organization, there is a heightened risk of cyberthreat, which can result in stolen data, maliciously deleted data, or other highly damaging activities. Distributed denial of service (DDoS) attacks have also been on the rise.

There are specific steps you can take now to reduce the risk to your business.

Patch all systems now and keep the systems up to date. The Cybersecurity and Infrastructure Security Agency has a list of vulnerabilities, but attackers will also be exploiting unknown or new vulnerabilities.

Require multifactor authentication (MFA) for all remote access or admin accounts. With a product such as CloudGen Firewall, you can enforce MFA even with applications that don’t offer it. Take special care to protect remote access portals (VPN, RDP, SSH).

Implement Zero Trust Access so that users only have access to the applications they need to do their jobs. This makes it harder for an attacker to use stolen credentials to breach your network.

Tell your workforce to be alert as this is a time for extra vigilance. Encourage them to flag any unusual email/voice mail/text — especially those with attachments or credential requests — and have a staffed email address available to respond.

Ensure your email security fully protects your users against all email threat types from malware and zero-day threats, to socially engineered phishing attacks.

Secure your web applications from malicious hackers and bad bots by enabling web application and API protection services, including DDoS protection.

Put a crisis-response team in place for any suspected cyberthreat and identify alternate candidates to make sure key roles are always staffed. Also, update your incident response plan and communicate it to the rest of the organization.

Backup all information, including data from SaaS applications. You should have a backup that offers immutable storage of data and multiple copies of the data, and ideally, the backup should not present as a share on the network. You should also test your backup recovery.

Find out how to protect your organization.