    How to protect your organization from the latest Ukraine-related cyberattacks

    Cyberattacks zeroing in on Ukraine are on the rise. Even if not directly targeted, organizations can face risks from this activity. Symantec continues to monitor and update protection against present and future attacks for customers. Refer to this page often for our published research on these recent threats.


    From the latest details on the Ukraine-focused wiper malware to the Shuckworm espionage attack, you can get it all in Symantec’s Threat Intelligence blog.

    Best Practices

    Take advantage of publicly available resources that detail recommendations specific to each conflict:

    Establish strong security controls in your organization:

    • Implement multi-factor authentication (MFA)
    • Secure Active Directory. Read the Microsoft guidelines to learn more
    • Evaluate and enable Symantec Threat Defense for Active Directory (TDAD), a feature of SES Complete


    Maximize Protection from Symantec Enterprise Security Complete

    • Ensure all proactive protection technologies are enabled
    • Enable the IPS, SONAR and Insight features, even on servers
    • Ensure the SEPM is hardened and accounts accessing each machine use multi-factor authentication (MFA)
    • Protect your SEP client by enabling password protection to prevent configuration changes
    • Evaluate and enable Adaptive Protection
    • Ask your Symantec Sales Engineer for a custom heat map showing risky “Living off the Land” behavior in your network

    How Symantec Solutions Can Help

    As Advanced Persistent Threats (APTs) continue to proliferate and cause serious damage, the Symantec Enterprise Business provides a comprehensive portfolio of security solutions to address today’s security challenges and protect data and digital infrastructure from multifaceted threats. These solutions include core capabilities designed to help organizations prevent and detect advanced attacks like those that have been launched against the Ukrainian government and those countries that provide services to it.

    Symantec Endpoint Security Complete
    Symantec Endpoint Security Complete (SESC) was specifically created to help protect against this type of attack. While many vendors offer EDR to help find intrusions, as does Symantec, there are gaps. We call these gaps blind spots and there are technologies in SESC to eliminate them.
    Privileged Access Management (PAM)
    PAM is designed to prevent security breaches by protecting sensitive administrative credentials, controlling privileged user access, proactively enforcing security policies and monitoring and recording privileged user activity.
    Symantec Web Isolation
    Symantec Web Isolation eliminates web threats and solves the challenge of providing access to unknown, uncategorized and potentially risky websites by creating a remote execution environment between an agency’s enterprise systems and content servers on the web.
    Symantec Secure Web Gateway (SWG)
    SWG delivers a high-performance on-premises or cloud secure web gateway that organizations can leverage to control or block access to unknown, uncategorized, or high-risk websites.
    Symantec Intelligence Services
    Symantec’s Global Threat Intelligence Network continuously gathers and analyzes the data from all of Symantec's products. Advanced ML and AI processes performed on the data produce deep insights that are fed back into Symantec’s security solutions, making them smarter and quicker to respond to threats, attackers and developments in the threat environment.
    Symantec Content Analysis with Advanced Sandboxing
    Within the Symantec Content Analysis platform, zero-day threats are automatically escalated and brokered to Symantec Malware Analysis with dynamic sandboxing for deep inspection and behavioral analysis of potential APT files and toolkits.
    Symantec Security Analytics
    Symantec Security Analytics delivers enriched, full-packet capture for full network traffic analysis, advanced network forensics, anomaly detection, and real-time content inspection for all network traffic to arm incident responders for quick resolution.