SAN FRANCISCO, Calif. (KRON) – As Russia continues its attack against Ukraine, President Joe Biden is urging U.S. companies to make sure their “digital doors” are locked tight.
Shortly after the Biden administration warned of possible Russian cyberattacks earlier this week, Microsoft and San Francisco-based tech company Okta are investigating possible breaches.
Nvidia in Santa Clara was targeted last month.
“What we’ve seen in the news cycle in the corporate enterprise world is a weakness that almost every company on the planet has,” Richard Bird said.
While there is no evidence that Russia is behind the recent incidents so far, experts say vigilance is imperative.
Richard Bird is Chief Product Officer at a third-party identity cybersecurity company Seczetta.
“What companies really need to be on guard about is immediately taking action to understand the inventory of all the identities that they do business with. Not just the workers in their own organization but the outsource agencies, all the different companies that they’re doing business with. You simply cannot operate on the basis of trust that every single one of those people are who they say they are,” Bird said.
“The president mentioned that multiple times, it’s not a matter of if, it’s who and when is this going to happen,” Ahmed Banafa said.
Professor Ahmed Banafa, a cyber security expert at San Jose State University, says it’s not the time to panic but rather be guarded and aware of what’s going on.
One example Banafa refers to is when the colonial pipelines were shut down due to a ransomware attack last year.
“Somebody else or somebody on the other side is trying to inflict some harm on the infrastructure of the United States that would reflect on the economy, that would increase the prices, that would lower the trust in the government,” Banafa said.
Experts say the best way for everyone to be as safe as possible is to update software on all devices like your smartphone, tablet and laptop, turn on two-factor authentication to secure accounts, and avoid suspicious phishing emails.
“The weakest link in any system is human impact where everything started with a click on that phishing email, a click on a link you’re not supposed to click,” Banafa said.