閉める
閉める
明日に向けたネットワーク
明日に向けたネットワーク
サポートするアプリケーションとユーザー向けに設計された、より高速で、より安全で、回復力のあるネットワークへの道を計画します。
          Netskopeを体験しませんか?
          Netskopeプラットフォームを実際に体験する
          Netskope Oneのシングルクラウドプラットフォームを直接体験するチャンスです。自分のペースで進められるハンズオンラボにサインアップしたり、毎月のライブ製品デモに参加したり、Netskope Private Accessの無料試乗に参加したり、インストラクター主導のライブワークショップに参加したりできます。
            SSEのリーダー。 現在、シングルベンダーSASEのリーダーです。
            SSEのリーダー。 現在、シングルベンダーSASEのリーダーです。
            Netskope、2024年ガートナー、シングルベンダーSASEのマジック・クアドラントでリーダーの1社の位置付けと評価された理由をご確認ください。
              ダミーのためのジェネレーティブAIの保護
              ダミーのためのジェネレーティブAIの保護
              ジェネレーティブ AI の革新的な可能性と堅牢なデータ セキュリティ プラクティスのバランスを取る方法をご覧ください。
                ダミーのための最新のデータ損失防止(DLP)eBook
                最新の情報漏えい対策(DLP)for Dummies
                クラウド配信型 DLP に移行するためのヒントとコツをご紹介します。
                  SASEダミーのための最新のSD-WAN ブック
                  SASEダミーのための最新のSD-WAN
                  遊ぶのをやめる ネットワークアーキテクチャに追いつく
                    リスクがどこにあるかを理解する
                    Advanced Analytics は、セキュリティ運用チームがデータ主導のインサイトを適用してより優れたポリシーを実装する方法を変革します。 Advanced Analyticsを使用すると、傾向を特定し、懸念事項に的を絞って、データを使用してアクションを実行できます。
                        レガシーVPNを完全に置き換えるための6つの最も説得力のあるユースケース
                        レガシーVPNを完全に置き換えるための6つの最も説得力のあるユースケース
                        Netskope One Private Accessは、VPNを永久に廃止できる唯一のソリューションです。
                          Colgate-Palmoliveは、スマートで適応性のあるデータ保護により「知的財産」を保護します
                          Colgate-Palmoliveは、スマートで適応性のあるデータ保護により「知的財産」を保護します
                            Netskope GovCloud
                            NetskopeがFedRAMPの高認証を達成
                            政府機関の変革を加速するには、Netskope GovCloud を選択してください。
                              一緒に素晴らしいことをしましょう
                              Netskopeのパートナー中心の市場開拓戦略により、パートナーは企業のセキュリティを変革しながら、成長と収益性を最大化できます。
                                Netskopeソリューション
                                Netskope Cloud Exchange
                                Netskope Cloud Exchange(CE)は、セキュリティ体制全体で投資を活用するための強力な統合ツールをお客様に提供します。
                                  Netskopeテクニカルサポート
                                  Netskopeテクニカルサポート
                                  クラウドセキュリティ、ネットワーキング、仮想化、コンテンツ配信、ソフトウェア開発など、多様なバックグラウンドを持つ全世界にいる有資格のサポートエンジニアが、タイムリーで質の高い技術支援を行っています。
                                    Netskopeの動画
                                    Netskopeトレーニング
                                    Netskopeのトレーニングは、クラウドセキュリティのエキスパートになるためのステップアップに活用できます。Netskopeは、お客様のデジタルトランスフォーメーションの取り組みにおける安全確保、そしてクラウド、Web、プライベートアプリケーションを最大限に活用するためのお手伝いをいたします。

                                      Lessons Learned From a Year of Russo-Ukrainian Cyberwar

                                      Feb 24 2023

                                      February 24, 2023 marks one year since Russia invaded Ukraine, starting a conflict that has killed more than 8,000, injured more than 13,300, and displaced more than 14 million people in the past year, according to the UN. Physical warfare between Ukraine and Russia has been accompanied by cyberwarfare between the two countries. This blog post focuses on cyberwar, particularly what we can learn from the past year.

                                      Observations

                                      Attacks primarily target government agencies and critical infrastructure

                                      The majority of Russian attacks over the past year targeted military and government agencies and critical infrastructure, especially telecommunications providers and energy companies. Other attacks were more broadly targeted at companies and individuals in Ukraine and their allies throughout the world. Meanwhile, the majority of Ukrainian attacks were targeted at Russian government institutions, with attacks focused on taking down Russian websites, disrupting financial services, and disrupting misinformation campaigns.

                                      Phishing is the primary infiltration technique used for the majority of attacks

                                      The most common infiltration technique used in the cyberwar has been phishing, with both sides using targeted spear phishing campaigns, often accompanied by file-based exploits or other malicious payloads. Phishing is popular in cyberwar because it is simple, low-risk, effective, and versatile. A well-crafted and targeted phishing message delivered via messaging app, SMS, email, social media, or another channel can be used against practically any type of target. After a successful phish, attacks typically focus on espionage or sabotage. 

                                      Espionage and sabotage are the primary objectives

                                      In cyberwar, espionage and sabotage are the primary objectives. In the past year, espionage has typically taken the form of RATs and infostealers, while sabotage has typically taken the form of DDoS attacks, ransomware, and wipers. Throughout the year, many Russian wipers emerged to target Ukraine, including WhisperGate, HermeticWiper, IsaacWiper, and others. One recent ransomware attack used a new ransomware family, Prestige, to target logistics and transportation sectors in Ukraine and Poland.

                                      15% of attacks target other nations, primarily allies

                                      While approximately 85% of attacks have been targeted at individuals or organizations within Russia or Ukraine, the remaining 15% have been targeted primarily at allies throughout the world. Like the attacks within Russia and Ukraine, attacks on targets in other nations have also targeted critical infrastructure and government agencies.

                                      The most significant breakout attack of the Russo-Ukrainian war happened in 2017 with NotPetya, a Russian wiper targeted at Ukraine that ended up infecting systems throughout the world, including companies Maersk and Merck, and causing an estimated $10 billion in damages. In the year since the Russian invasion of Ukraine, we have yet to see a breakout attack of that scale. So far, attacks outside of Russia and Ukraine have been seemingly well-targeted. Some attacks, notably the early attack against Viasat, were less precisely targeted. While intended to interrupt network connectivity in Ukraine, the Viasat attack caused outages across Europe.

                                      Lessons

                                      • Anti-phishing controls and training are essential defenses during a cyberwar. Interrupting phishing attempts can help stop a cyberattack before it can cause any damage.
                                      • Government agencies and critical infrastructure are at the greatest risk during a cyberwar, warranting extra investment in cybersecurity defenses and the establishment of stricter cybersecurity controls to reduce risk surface.
                                      • Ransomware defenses, especially robust and well-tested backups, can also be effective defenses against some destructive wipers typically used during cyberwar.
                                      • The closer an individual or organization is to the conflict, either physically or through alliance, the more likely they are to be targeted. While most attacks are targeted at government agencies and critical infrastructure within the countries at war, anyone within those countries are common targets, as are individuals and organizations that are allied with either side.  

                                      Looking ahead

                                      As the physical conflict in Ukraine continues, so too will the cyberwar. The intensity of Russia’s physical attacks against Ukraine are expected to increase in the next year, and the cyberattacks will increase alongside them. The longer the conflict drags on, the more likely we are to see allies throughout the world targeted, and the more likely we are to see additional breakout attacks.

                                      author image
                                      Ray Canzanese
                                      Ray is the Director of Netskope Threat Labs, which specializes in cloud-focused threat research. His background is in software anti-tamper, malware detection and classification, cloud security, sequential detection, and machine learning.
                                      Ray is the Director of Netskope Threat Labs, which specializes in cloud-focused threat research. His background is in software anti-tamper, malware detection and classification, cloud security, sequential detection, and machine learning.

                                      Stay informed!

                                      Subscribe for the latest from the Netskope Blog