March 24, 2022

MRC Advisory Update Increased Risk of Russian Cyber Attacks for Merchants

On March 21, the White House issued a warning that Russia could be planning to launch cyber attacks against critical U.S. infrastructure and the private sector

The White House stated that they have noticed an increase in malicious behavior and sees “avenues for bad actors to easily exploit critical targets.” The European Union Agency for Cyber Security has issued guidelines to help companies prepare.

Russia has denied the accusation.

The MRC is hearing from members that some are seeing an increased volume in card testing, fraud attempts, and account takeover (ATO) attacks. Our members believe these attempts are originating in Russia, and describe them as very creative, aggressive, and thorough. 

The White House issued a Fact Sheet to help companies prepare for potential attacks. In addition to those recommendations, we encourage member companies to take the following precautions:

  • Implement multifactor authentication
  • Patch systems against known vulnerabilities
  • Back up all data
  • Run drills
  • Engage with federal authorities as appropriate

We recommend all members not only proactively harden cyber defenses, but review security systems and maintain increased vigilance for as long these unusual attack volumes continue.