Just The Facts: Cybersecurity and the Russian invasion of Ukraine

Just The Facts: Cybersecurity and the Russian invasion of Ukraine

On February 24, 2022, Russia began its invasion of Ukraine. The resulting sanctions have had global impacts, affecting consumers and businesses both in Russia and abroad, most notably for consumers in terms of energy prices. This month’s newsletter will highlight some of the main concerns many of us have regarding cybersecurity.

Recent cybersecurity concerns Q&A

What cyber threats are happening due to the Ukraine-Russia war?

There are no credible threats to the U.S. homeland. Still, the U.S. government has reported seeing "preparatory" Russian hacking activity toward U.S. businesses but has not concluded whether such attacks will occur. Any response from Russia towards the U.S. would likely be engagement in cyberattacks on U.S. critical infrastructure and the businesses supporting said infrastructure. An initial access attack would likely come in a Spear-Phishing Attachment, Supply Chain Compromise, or Drive-by Compromise.

How can people be protected from cyberattacks related to this issue?

Continue to follow cybersecurity best practices. That includes being cautious of suspicious emails sent by odd senders and domains and thinking before clicking on and downloading anything.

What does all of this mean for you?

Now is the time to put cybersecurity awareness at the forefront of your mind. Update your passwords, and you might even want to look into getting a password manager if you don't already have one. Setting up multi-factor authentication on your accounts is also an excellent step to take. This adds an additional layer of security to your personal information. Take time to check all of your devices for updates, and some will automatically update, some you will have to manually check. Lastly, continue to listen to your organization’s security team for any information or updates they have. They are constantly monitoring your network and evolving situations.

Where can I go to find valuable and helpful information?

Often, we are inundated with loads of information, and it can be hard to decide the best places to find the facts. We have provided a helpful resource that may be useful if you are interested in doing more research and staying on top of the ongoing situation.


Cybersecurity and Infrastructure Security Agency — Shields Up. This site is up to date with critical information about cybersecurity-related issues due to the conflict.


Cybersecurity and Infrastructure Security Agency — This page provides information on CISA’s assessment of the Russian government’s malicious cyber activities.

Taxpayers — don’t fall for these taxing tricks!

The following information comes directly from www.irs.gov.

IRS Tax Tip 2020:
The IRS will never:

  1. Call to demand immediate payment using a specific payment method such as a prepaid debit card, gift card or wire transfer. Generally, the IRS will first mail a bill to any taxpayer who owes taxes.
  2. Threaten to immediately bring in local police or other law enforcement groups to have the taxpayer arrested for not paying.
  3. Demand that taxes be paid without giving taxpayers the opportunity to question or appeal the amount owed.
  4. Call unexpectedly about a tax refund.

Taxpayers who receive these phone calls should:

  1. Record the number and then hang up the phone immediately.
  2. Report the call to TIGTA using their IRS Impersonation Scam Reporting form or by calling 800-366-4484.
  3. Report the number to phishing@irs.gov and be sure to put "IRS Phone Scam" in the subject line.

Tuesday Training… "Password Security”"

Get to grips with the challenges of password security. Explore password problems and protection tips, and get the facts you need to keep your data secure.