Does the Edgy Geopolitical Landscape Put Your Business at Risk?

International hacking groups pose a unique threat to NYC businesses, especially in times of global instability and conflict.

April 15, 2020 | Manhattan Tech Support


As we’ve written about before, cyber risk is growing among small and midsized businesses, as hackers leverage new technologies like machine learning and the dark web to launch effective cyberattacks at an unforeseen scale.

What many vulnerable smaller businesses don’t realize is how political instability and conflict shape today’s threat landscape. In their recent Global CEO Survey, PricewaterhouseCoopers found that 72% of global CEOs think their company will be affected by geopolitical cyber activity, while just 15% feel their organizations can confidently withstand such an attack.

That level of awareness is significantly lower at small and midsized businesses, which puts this already unguarded group of companies at increased risk during times of conflict.

China Leverages National Resources for Commercial Gain

The recent trade war has heightened already tenuous cybersecurity relations between the U.S. and China. Motivated by a zero-sum goal of economic dominance, Chinese hackers have ramped up already significant attacks on U.S. businesses, targeting those with intellectual property that could help give key Chinese industries a competitive edge.

While the U.S. government has continued to indict Chinese hacking groups for these financially-driven attacks, legal measures have yet to yield any significant positive result. China remains, in the words of the present administration, “the world’s most active and persistent perpetrator of economic espionage.”

APT10 is one of China’s most active hacking groups. They’ve been linked to attacks on American utilities, European airline manufacturer Airbus, major law firms in the United States, and countless other smaller attacks in just the last few years.

Russian Hackers Operate with Tacit State Approval

Several major groups of Russian hackers operate for economic gain with an obvious feeling of impunity. These groups have been responsible for some of the most financially ruinous cybercrimes in recent years, including the theft of over 100 million dollars from hundreds of banks in the West. As with China, the U.S. government has taken punitive action against some of the more nefarious Russian hacking groups, but that has failed to stem the consistent attacks.

Have you heard the names Maksim Yakubets and Igor Turashev? These two, part of the Russian hacking group “Evil Corp,” launched the lucrative “Bugat” and “Zeus” malware, which stole tens of millions of dollars from thousands of American small and midsized businesses. They’ve also worked closely with the Russian government on various state-sponsored attacks over the years.

Political Instability and the Rise of Iranian Threats

Iran is a long-term cyber enemy of the American business community and government. In the last few weeks, the specter of all-out cyberwar with Iran has increased dramatically, prompting the U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency to issue an official warning.

There is a long history of Iranian attacks on the U.S. private sector. Notable cases include the hacking of the Sands Hotel and Casino network in 2015, which cost the facility over $40 million in damages. Since then, Iranian hackers have launched high-profile denial of service attacks on several American businesses, with a focus on financial institutions.

Since the death of General Soleimani, there are signs that Iran is preparing to use its large army of cyberwarriors to launch new attacks on the U.S. Wired magazine just reported last week that Iranian hackers had started “password spraying” the U.S. electricity grid, hoping to compromise weak accounts.

How to Respond to Global Cyberthreats

The threat of cyberattacks from foreign sources is real, so what can you do about it? Thankfully, there are concrete steps that you can take to help protect your organization. To prepare early with the best-in-class security measures, we encourage you to reach out to Manhattan Tech Support, an award-winning MSP, for more information.

Proactive System Maintenance is Your First Line of Defense

There is no such thing as “one and done” cybersecurity. Your network evolves every day as you create new data, add and remove software, integrate new services, and grow your business. Ensuring strong I.T. security to meet the threat of nation-state level attackers requires proactive and ongoing vigilance.

Patch and update systems

Every device in your network, including your routers, firewalls, P.C.s, servers, and mobile devices, must be kept up to date. Because knowledge of software and hardware vulnerabilities spreads like wildfire across the dark web, not being proactive about this work leaves foreign hackers a huge opportunity to infiltrate your network.

Regular Vulnerability Scanning

Vulnerability scanning uses a specialized set of tools to inspect your network and look for potential points of entry. There are two main types of vulnerability scan:

  • Authenticated scans, which assume an attacker has credentials to access your data.
  • Unauthenticated scans, which search for weaknesses that any hacker could exploit.

Manhattan Tech Support, and its dedicated I.T. security division Kaytuso, helps businesses combine the latest vulnerability scanning techniques and technology to meet their unique security needs.

Informed Employees Are Crucial To Create A Strong Security-Focused Work Culture

Many of the high-profile security breaches mentioned above share a similarity: they started with an employee lapse in judgment. Whether the lapse was failing to identify a phishing email, falling victim to another form of social engineering, or losing a device, educating your employees is a crucial way to improve I.T. security across your organization.

Studies show that regular employee training is more effective than large, one-off events. That’s why Manhattan Tech Support offers regular, online cybersecurity training sessions that keep your staff aware of the latest cybersecurity best practices, including phishing awareness, data loss prevention techniques, social media digital hygiene, and more.


Deploy Tools and Processes for Incident Response

Another important tool in keeping foreign hacking groups at bay is your security incident response process. As networks grow in complexity and the volume of production data increases exponentially, these platforms have become crucial to helping companies address cybersecurity events at scale.

A strong cybersecurity incident response plan should include the following elements:

  • Tools for monitoring your network devices, detecting security incidents before they do significant damage, and alerting system administrators of any cybersecurity events.
  • Staff members and toolsets for analyzing each security incident, which includes gathering digital forensics and analyzing data to assess damages.
  • Strong, documented policies for responding to cybersecurity events, with clear lines of communication between stakeholders.
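
As an added illustration (not part of the original article), the sketch below shows the kind of check a monitoring tool from the first bullet can run to spot the “password spraying” pattern mentioned earlier: one source failing logins against many accounts with only a few tries each. The log format, thresholds, and function names are assumptions, and the sample events are constructed.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample events (hypothetical format): "ISO-time source-ip username result"
SAMPLE_LOG = """\
2020-01-10T09:00:01 203.0.113.7 alice FAIL
2020-01-10T09:00:03 203.0.113.7 bob FAIL
2020-01-10T09:00:05 203.0.113.7 carol FAIL
2020-01-10T09:00:08 203.0.113.7 dave FAIL
2020-01-10T09:00:11 203.0.113.7 erin FAIL
2020-01-10T09:00:14 203.0.113.7 frank OK
2020-01-10T09:01:00 198.51.100.4 alice FAIL
2020-01-10T09:01:05 198.51.100.4 alice FAIL
2020-01-10T09:01:09 198.51.100.4 alice OK
"""

def parse(log):
    """Yield (time, source, user, success) tuples from the assumed log format."""
    for line in log.splitlines():
        ts, src, user, result = line.split()
        yield datetime.fromisoformat(ts), src, user, result == "OK"

def detect_spraying(log, min_users=5, max_per_user=2, window=timedelta(minutes=10)):
    """Flag sources that fail logins against many accounts, few tries each."""
    failures = defaultdict(list)   # source -> [(time, user)] of recent failures
    alerts = {}
    for ts, src, user, ok in sorted(parse(log)):
        # Keep only this source's failures that fall inside the sliding window.
        recent = [(t, u) for t, u in failures[src] if ts - t <= window]
        failures[src] = recent
        if not ok:
            recent.append((ts, user))
        per_user = defaultdict(int)
        for _, u in recent:
            per_user[u] += 1
        # Many distinct accounts, few attempts per account: spraying, not brute force.
        sprayed = len(per_user) >= min_users and max(per_user.values()) <= max_per_user
        if sprayed:
            alert = alerts.setdefault(src, {"targets": set(), "compromised": set()})
            alert["targets"].update(per_user)
            if ok:
                # A success from a spraying source is the account to reset first.
                alert["compromised"].add(user)
    return alerts
```

The second source in the sample repeatedly fails against a single account and then succeeds, which looks like a user mistyping a password, so it raises no alert.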

The Surest Path to Security is with Award-Winning Cybersecurity Services

While the right intelligence and processes can help you reduce the threat of cyberattack from outside the U.S., there is no replacement for comprehensive cybersecurity service from a team of professionals. For over two decades, Manhattan Tech Support and its dedicated cybersecurity division, Kaytuso, have been providing world-class cybersecurity consulting and service to businesses across the United States.

If you’re interested in better protecting your business from threats, both domestic and foreign, why not reach out and ask us how we can help? Contact our friendly team of experts at any time at 212-299-7673 or .

