Written by Samir Tout, Professor of Cybersecurity at Eastern Michigan University
President Joe Biden’s recent warning to American businesses to improve their cybersecurity underscores the importance of the emerging cyberthreat landscape. Such a threat is real and has been for quite some time. The war between Russia and Ukraine may have exacerbated it, but protecting critical infrastructure has been on the minds of many cybersecurity researchers, like me, for quite some time.
In the wake of major attacks, how prepared a company is and how well it has established cybersecurity in its culture can benefit businesses large and small. Some believe that smaller businesses are at greater risk, but the spread of ransomware can potentially weaken any business.
What can happen to a company due to a cyber attack imposed by Russia?
Although Russia stands out as the leading source of malicious cybersecurity attacks, all businesses must prepare regardless of where the attack originates. Traditional hackers, and possibly nation-states, are likely to take advantage of the current situation to cover up their attacks and even launch phishing campaigns targeting sympathizers on both ends. Such attacks can compromise company systems across a large portion of our industries. We cannot forget the tremendous effects that the Apache Log4j vulnerability, the “cyber pandemic”, SolarWinds or the massive worldwide wave of ransomware attacks had on companies of various sizes.
What measures can companies take to minimize their risks?
It is vital that our private sector hardens its cyber defenses. This is a call to action for every entity to do its part and implement cybersecurity best practices while forging partnerships across organizations, leveraging available resources, and working together to thwart potential attacks. There are many resources and incentives for businesses of various types and sizes, such as those provided by the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA). I strongly recommend that businesses take advantage of the CISA “Shields Up” guidelines and the White House fact sheet on how to protect against cyberattacks. Basic actions can go a long way, such as implementing multi-factor authentication, ongoing patching, data backup, employee education and awareness, and hardening software development systems.
What are EMU students learning to be better prepared for these situations?
Our curriculum teaches students defensive and offensive security techniques and methodologies. Courses related to the former equip them with the knowledge to support, among other areas, enterprise risk analysis, digital forensics, and incident response. As for the latter, students learn ethical hacking and penetration testing, which offer them the practical skills that are essential to help companies uncover vulnerabilities otherwise undiscovered with traditional techniques. We have several labs that allow students to gain hands-on experience, such as the Mobility and Autonomy Cybersecurity lab, which I personally founded, where they become more proficient in protecting modern connected and autonomous vehicles. Unfortunately, the same principles we have long professed, such as “defense in depth” and “strengthening the weakest links,” are not always practiced or even considered by many companies. Therefore, we expect our students to support their future workplaces to establish cybersecurity capability and help them become more resilient against emerging cyberthreats; thus leading our nation to be more secure from cyber threats.
We no longer have any choice but to take serious steps to strengthen the cybersecurity posture of our companies. During these times, if we don’t work together to address such weaknesses, we will virtually leave our nation exposed. We need to work on multiple fronts: educate our students to perform essential cybersecurity roles in various industries, retrain our current workforce, embed cybersecurity awareness as an integral component in every organization, increase our investment in research and cybersecurity development, support more hands-on hackathons that give everyone the opportunity to gain experiential learning in cybersecurity. We must also work closely with our legislators and the public and private sectors to create the right legislative support system for cybersecurity.