[author: Doug Austin, Editor of eDiscovery Today]
Many of us are watching the Russian-Ukrainian situation these days, and the situation seems to be getting worse, not just daily, but hour by hour. The situation has global ramifications in just about every possible way, including economically and (of course) the potential consequences on human lives.
With the situation involving Russia, another potential ramification is cybercrime, and this impact not only affects businesses in the United States, but also potentially US government entities.
Russia and Ukraine from a Cybernetic Point of View
Russia has been fighting with Ukraine for years, not just recently. And the conflict didn’t just take place on the battlefield; he was also in cyberspace as well. In June 2017, a new variant of the Petya malware was used in a global cyberattack, primarily targeting Ukraine. This new version was dubbed “NotPetya” to distinguish it from previous variants and it targeted a Ukrainian tax preparation program that was considered “de facto” among companies doing business in the country.
However, the code the hackers released was designed to spread automatically, quickly, and indiscriminately. Within hours of its first appearance, NotPetya spread beyond Ukraine and to many servers around the world, including the United States, affecting several large multinational corporations around the world.
At the time, US intelligence agencies attributed the attack to the Russian military and the White House called the NotPetya attack “the most destructive and costly cyberattack in history”. And it was an attack that was not even directed against American interests.
Fast forward about 4 and a half years and we just saw a cyberattack last month on about 70 Ukrainian government websites, which Ukrainian officials blamed on Russian hackers. Given the current tensions and the possibility of the West becoming embroiled in the conflict (with sanctions against Russia already imposed), it is not a stretch to expect that US government sites will also be targeted. .
Information Governance and Information Security from a Government Perspective
Last year, IPRO surveyed records management, IT, legal, data privacy/security, general management, and other professionals at local, state, and federal government agencies across the country (you can get a copy of the white paper discussing the survey results here) and one of the questions asked was which facets of information governance will be most important to their agency in the years to come.
While (unsurprisingly) the most common answer was records and information management, the second most frequently cited facet of governance that would be important was information security and protection, mentioned by 48% respondents.
As the white paper notes: “Agencies are attacked by a wide range of threat vectors, including hackers and other cybercriminals, state-sponsored attackers, malware creators, hacktivists and others. These malicious actors are using increasingly sophisticated methods to gain access to valuable data. ” No kidding.
Why is this an information governance issue? Because one of today’s biggest information governance challenges for organizations is locating and securing sensitive data. If an organization has good practices and the ability to leverage technology for information governance, its ability to identify and protect its most sensitive data is greatly improved. And probably no type of organization has more sensitive data to protect than government entities.
Conclusion
Many of us hope that the Russian-Ukrainian situation will calm down for various reasons, many of which have nothing to do with information governance. However, from the perspective of a government entity, the issue of cybercrime is another potential impact of this conflict and the potential for cyberattacks is imminent. Government entities whose information governance “house” is in order may be better protected to resist these attacks than those that do not.
The ability to locate and secure sensitive data is more than just a cybercrime issue, it’s an information governance issue. Especially for government agencies in this climate of global conflict.
[View source.]
