Russia's Ukraine Invasion: How Serious Is the Cybersecurity Threat to Businesses?

pcmag.com:

Russia's shocking incursion into Ukraine has stunned the world. In its wake, speculation runs high about a possible broader, behind-the-scenes fight—one that could potentially involve Russian cyberattacks against targets in the United States and elsewhere. How worried should your business be?

In a sense, the US may already have fired the first shots in this covert conflict. In a speech addressing Russia's Ukraine invasion, President Biden said that in addition to imposing crippling economic sanctions against Russia, he had taken steps to strengthen the US's cyber defenses and its ability to counterattack. American intelligence agencies have reportedly briefed the president on offensive options, ranging from interfering with Russia's banking systems to disrupting its power grids and even derailing trains.

If the US enacts such measures, there can be no doubt that Russia will respond in kind. Online warfare has become a key tool in the Kremlin's arsenal. The US has blamed Russia for a massive cyberattack that struck Ukraine just days before its military invasion. Even before that, it imposed economic sanctions in response to a wave of worldwide attacks, including Russia's suspected involvement in the NotPetya ransomware outbreak. There's no telling where Russia or its agents may strike next.

It's true that small and midsized businesses, by themselves, are not high-value targets in state-sponsored digital warfare. Governments, militaries, energy, finance, and critical infrastructure organizations face the greatest risk. But that's not to say that SMBs shouldn't be concerned. The US Cybersecurity and Infrastructure Security Agency (CISA) has cautioned that "every organization—large and small—must be prepared to respond to