Microsoft's departure will harm Russia - but the West may also suffer


Experts express mixed warnings about security after the departure of Microsoft and other tech giants from Russia: some downplay the impact on ordinary citizens, while others predict a return to “pen and paper”. More worryingly, experts warn of a “ripple effect” that could damage Western enterprises further down the digital supply chain.

According to Shmulik Yehezkel, a cybersecurity analyst at CYE, the departure of large companies will lead to the fact that “all Microsoft-based systems will be potentially exposed to future attacks, since they will not be able to download updates and fixes.”

At the same time, he added: “The main potential victims will be in the private sector, not in state structures, [которые] they usually use their own systems or closed networks that are not vulnerable to the lack of updates.”

Alex Artamonov, an information security specialist at Infinitely Virtual, made sadder predictions for the country.

“As technology companies leave, Russia is becoming more vulnerable,” he said. ” Expired licenses will not be renewed, applications will stop working, equipment that has failed will not be replaced, new equipment cannot be deployed. Companies may be cut off from the global Internet, or they will be quite vulnerable.”

“It affects not only cybersecurity, it affects everyone and everything. As a result, they will return to pen and paper, as computers will stop working due to lack of updates, expired licenses and failures.”

Marianne Bailey, a former senior head of cybersecurity at the National Security Agency (NSA) and a partner at the consulting company Guidehouse, took another step forward, warning of “ripple effects” in the future that could also hit Western companies.

Referring to an NSA study that revealed France’s key place in the supply chain of vital cybersecurity tools, such as multi-factor authentication, used in the United States, Bailey warned of “second and third-order effects” – organizations outside Russia may also suffer due to corporations falling under sanctions.

“Most people and companies don’t really understand where all our sub—components come from,” Bailey said.

Ori Neal, director of Incident Response, reported an increase in vulnerability to attacks for some Russian citizens due to the refusal of Microsoft and Cisco to send security updates. But he added: “Tech-savvy users will probably bypass any regional restrictions and find a way to fix and update their systems as usual.”

According to Neil, it is Russian companies, not individuals, who will experience more pressure related to strengthening their protection against cybersecurity.

“For enterprises, the consequences of the departure of technology giants from Russia are probably more serious, since they rely on corporate functions, support, the importance of updates and the consequences for cybersecurity,” the expert said. “If services such as AZURE and Office 365 are affected, it is possible to switch to other cloud providers such as Yandex and Alibaba.”

Another long-term measure that Russian companies can take is the transition to Linux-based operating systems and increasing confidence in domestic solutions.

Reflecting Bailey’s concerns about the global supply chain of digital goods, Neil added: “Equipment is a more serious problem: there are already not enough chips in Russia and there is no existing infrastructure for production. This can speed up the transition to cloud solutions. As for the exit of Cisco and telecommunications providers, there will be problems with updating the firmware and expanding networks at enterprises.”

“We are likely to see an increase in the use of virtual private networks, proxy servers and Tor solutions [сети с открытым исходным кодом] to bypass regional software restrictions. Russia is also likely to switch to local hosting for websites and servers.”

Cybercriminals will also follow this trend, while “an increase in the number of threat actors using cryptocurrency miners and phishing to steal money is likely.” He added: “Expect an increase in the number of cases of exploitation and use of servers as tunnels or cryptocurrency miners. The big question is whether companies will stop updating security systems.”

Start a discussion …