Written by Doug Austin, Editor of eDiscovery Today
Many of us are keeping an eye on the Russia-Ukraine situation these days, and the situation seems to get more serious, not just daily, but hourly. The situation has worldwide ramifications in just about every way possible, including economically and (of course) the potential toll on human lives.
With the situation involving Russia, another potential ramification is cybercrime, and that impact affects not just corporations in the US, but potentially US government entities as well.
Russia-Ukraine from a Cyber Perspective
Russia has been battling with Ukraine for years, not just recently. And the conflict hasn’t just been on the battlefield; it has also been in cyberspace as well. In June 2017, a new variant of the malware Petya was used for a global cyberattack, primarily targeting Ukraine. That new version was dubbed “NotPetya” to distinguish it from previous variants and it targeted a Ukrainian tax preparation program that was considered to be “de facto” among companies doing business in the country.
However, the code that the hackers pushed out was designed to spread automatically, rapidly, and indiscriminately. Within hours of its first appearance, NotPetya extended beyond Ukraine and out to numerous servers around the world, including the US, affecting several major multinational companies all over the world.
At the time, US intelligence agencies attributed the attack to Russia’s military and the White House called the NotPetya attack the “most destructive and costly cyber-attack in history”. And that was an attack that wasn’t even directed at US interests.
Fast-forward about 4 1/2 years and we just saw a cyberattack last month on about 70 Ukrainian government websites, which Ukraine officials blamed on Russian hackers. Given the current tensions and the potential for the West to get involved in the conflict (with sanctions against Russia already imposed), it’s not a stretch to expect that US government sites could be targeted as well.
Information Governance and Information Security from a Government Perspective
Last year, IPRO surveyed records management, IT, legal, data privacy/security, executive management, and other professionals at local, state, and federal government agencies around the country (you can get a copy of the white paper discussing the survey results here) and one of the questions asked involved which facets of information governance will be most important to their agency in the coming years.
While (not surprisingly) the most common response was records and information management, the next most often cited facet of governance that would be important was information security and protection, mentioned by 48% of respondents.
As the white paper notes: “Agencies are under attack from a large array of threat vectors, including hackers and other cyber criminals, state-sponsored attackers, malware creators, hacktivists, and others. These bad actors are using increasingly sophisticated methods to get to valuable data.” No kidding.
Why is it an information governance problem? Because one of the biggest information governance challenges today for organizations is locating and securing sensitive data. If an organization has sound best practices and the ability to leverage technology for information governance, its ability to identify and protect their most sensitive data is enhanced immeasurably. And there’s no type of organization that likely has more sensitive data to protect than government entities.
Many of us are hoping that the Russia-Ukraine situation settles down for a variety of reasons, including many that have nothing to do with information governance. However, from a government entity perspective, the cybercrime concern is another potential impact of this conflict and the potential for cyber attacks is imminent. The government entities that have their information governance “house” in order may be better protected to withstand those attacks than those that don’t.
The ability to locate and secure sensitive data is more than just a cybercrime issue, it’s an information governance issue. Especially for government agencies in this climate of world conflict.
And for more educational topics from me related to eDiscovery, information governance, cybersecurity and data privacy, feel free to follow my blog, eDiscovery Today!