Skip to main content
Security Scorecard

Security Recommendations

Shields Up and White House Fact Sheet

March 22, 2022

SecurityScorecard stands with CISA and its partners in responding to ongoing Russian state-sponsored cyber activity in connection with Russia's attack on Ukraine. For the latest from SecurityScorecard’s Global Investigations, go to CISA’s Shields Up Technical Guidance.

Additionally, the White House released a fact sheet on protecting against potential cyberattacks.

‘Zhadnost,’ responsible for Ukraine DDoS attacks

March 10, 2022

SecurityScorecard identified three separate DDoS attacks which all targeted Ukrainian government and financial websites. The threat research & intelligence team provides an analysis of these attacks along with their impact.

Analysis of Cyber Attacks in Relation to Ukraine Military Operations

March 9, 2022

A new SecurityScorecard Threat Research & Intelligence audio webinar providing analysis on the recent cyber attacks in relation to Ukraine military operations, featuring Ryan Sherstobitoff, SVP, Threat Research and Intelligence and Dr. Ondrej Krehel, VP DFIR Services.

February 25, 2022

Our thoughts are with everyone across Europe, and the world, during these distressing times. Here are some general recommendations for our customers.

  • Based on our initial analysis of the DDoS attacks that started against Ukrainian targets, the attacks are primarily DNS/UDP floods. For any customer of ours that does not have DDoS mitigations in place (e.g., via a service like Cloudflare, Akamai, or AWS Cloudfront), it is critical to stand that up for critical web services immediately. Having a firewall will not stop the volume of traffic we’re seeing via NetFlow analysis against Ukrainian targets.
  • Blocking certain IPs will not stop all DDoS attacks. The attacks are coming from across the world, complicating their attribution and prohibition. DDoS protection via CDN, therefore, is critical.
  • CDN detection is a signal in the SecurityScorecard platform. It is informational within the Network Security risk group factor.
  • Any Ukraine-based company for the next 6 months can get entirely free access to SecurityScorecard’s enterprise license to protect themselves from ongoing cyber-attacks. We are also providing them free access to the SecurityScorecard digital forensics and incident response team to deal with ransomware issues or to recover from any outage. Simply email [email protected]

For more information about your cybersecurity risk posture, and to get your free scorecard, go to www.securityscorecard.com/free-account.

Join us in making the world a safer place.