Russia Invasion Of Ukraine Poses Grave Threat To MSPs: Lt. General Russel Honore
Retired Lieutenant General Russel Honore, a decorated 37 year U.S. Army veteran, says he expects the Russia invasion of Ukraine to lead to increased ransomware attacks here at home.
Retired Lieutenant General Russel Honore says MSPs should assume that they and their customers will face a cybersecurity attack from Russia within the next 24 hours.
“They need to make that assumption and put together a plan to deal with it,” he told CRN in an interview after his keynote session at CRN parent The Channel Company’s XChange 2022 conference. “They need to make sure their people are dealing with this right now while they are here at this show.”
Furthermore, he said MSPs should reach out to make sure their customers are putting in place precautions to prevent Russia-based cyberattacks.
“They should also be making sure their customers are putting together the same kind of plan because their customers are linked to their businesses,” said Honore, who is best known for leading the military relief effort in New Orleans after Hurricane Katrina. “In the data world, your customer is like a patient. You are connected to them with an IV (an intravenous needle in a vein). If you are sick, they are sick. If they are sick you are sick because this is a virus.”
The potential for increased cyberattacks in the wake of the Russia invasion of Ukraine is a hot topic at XChange 2022 in Dallas, which runs until March 1. The vast majority of MSPs in a straw poll said they are concerned about increased cyberattacks as a result of the war.
In addition, ThreatLocker co-founder and CEO Danny Jenkins told XChange attendees that the Russia invasion of Ukraine has sparked a 600 percent increase in cyberattacks. He said MSPs need to be concerned about nation-state-sponsored attacks.
Honore, who was recognized for his leadership to bring back New Orleans with military relief efforts in the wake of Hurricane Katrina, had some blunt advice for MSPs: “Don’t be stuck on stupid. Put your shields up. Change passwords frequently and don’t leave your computers on. Turn them off.” Here is an edited transcript of Honore’s remarks on the Russian invasion of Ukraine.
Do you think there is a cybersecurity threat here in the United States because of the Russia invasion of Ukraine?
Yes. I am most concerned about the (cybersecurity) renegades in Russia that (Russia President Vladamir) Putin might turn loose – the dogs of war- who have no formal government affiliation. They are renegades that normally attack cities in the United States with ransomware and make them pay to get their data back.
So do you think we will see a marked increase in ransomware?
Absolutely emanating from Russia or from friends they have here in the U.S. There are a lot of Russians in the U.S.
Here at XChange 2022, the vast majority of attendees in a straw poll said they are concerned about increased MSP attacks as a result of the Russia invasion of Ukraine. What do you think of that?
It’s a reality. Russia has done it before. Look at what happened over the last year when Russia came after us with the cyberattack on the Columbia Pipeline and several cities.Russia has claimed those are renegades or criminals. But Putin turned those renegades loose.
What is the call to action to action for American citizens and the technology entrepreneurs you addressed here at XChange 2022?
Don’t be stuck on stupid. Put your shields up. Change passwords frequently, and don’t leave your computers on. Turn them off.
What are some of the dynamics going on with regard to the cybersecurity threat that will take hold if Russia takes control of Ukraine?
Ukraine is a technologically advanced country. They do a lot of data mining for bitcoin. They are involved in data storage and cyber. There will be part of the Russian army that will try to go in and exploit what has been left behind.
The world does business with Ukraine. They provide a lot of services to other countries. There are some 16,000 students from Egypt, Africa, Morocco who were studying in Ukraine. Now they are trapped in this war.
Ukraine is digitally connected to the Western world. So internet technology that is there will be exploited by the Russians. Ukraine has to move from where they were a week ago not thinking that the Russians were coming to the fact that they are now there.
The big issue now is how do we isolate what we can that is now in Ukraine so that it doesn’t get exploited in our networks. Because when you deal with somebody’s data you trust them. Right now that data could be at risk because the Russians will have access to it. That could be trouble for a lot of people.
All of the civil and court records in Ukraine could be available to Russia. So they could figure out where people live and how to go after them. This is a travesty.
Civil servants in Ukraine have now left their homes during the insurgency. The Russians will now be able to know where they live if they capture that data. There are a lot of ugly things going on. What you seeing going on on the battlefield is only a part of it. The other part is the information war if the Russians get control of the databases in Ukraine.
Hopefully Ukraine was able to shift that data out of the country. Data is like anything else you can move it. You could move it to France, the U.S. or Germany. Hopefully that has been done. But remember up until a week ago the Ukrainians didn’t think this was going to happen. Now that they are under attack. They have to figure out how to export that data.
Ultimately how grave a threat is Russia’s attack on Ukraine with regard to the potential cybersecurity impact on the United States?
It could close down our financial system and turn some of our power grids off. There are a lot of mom and pop industries and medium-sized companies that spend more money on CEO bonuses than they do on cybersecurity.
Right now most companies provide more money to CEO bonuses than they give to cyber defense. A cyberattack is easy. Cyber defense is hard. You have got a lot of isolated kids in their grandma’s basements doing cyberattacks. Cyber defense is hard.
Should the U.S. be doing more to prevent cyber-terrorism including attacking the bad guys with our own cyberattacks?
We can do cyberattacks. We are very good at it as a nation. We invented this stuff. Cyber defense is different.
What should the technology entrepreneur and solution provider owners here at XChange 2022 be doing to prevent these cyberattacks?
Assume that in the next 24 hours you are going to be attacked. They need to make that assumption and put together a plan to deal with it. They need to make sure their people are dealing with this right now while they are here at this show
They should also be making sure their customers are putting together the same kind of plan because those customers are linked to these businesses. In the data world your customer is like a patient. You are connected to them with an IV (an intravenous needle in a vein). If you are sick, they are sick. If they are sick, you are sick, because this is a virus.