The US Cybersecurity and Infrastructure Security Agency (CISA) has warned US firms to strengthen their security stance and stay on alert for possible Russian cyberattacks.
The warning comes after a past couple of years where Russian cyberattacks have become more than common, with the SolarWinds hack in December 2020 and the DarkSide variant hack of the Colonial Pipeline in May 2021 standing out as key Russian-backed hacks.
CISA remarked that all organisations in the US are at risk from cyberattacks that could disrupt essential services and may even impact public safety.
The agency said, “The Russian government understands that disabling or destroying critical infrastructure – including power and communications – can augment pressure on a country’s government, military and population and accelerate their acceding to Russian objectives.
While there is no current specific threat to US organisations, with the rising anxieties at the Ukrainian border, there is growing worries that the Russian government may consider ‘escalating its destabilising actions’ to impact entities outside of Ukraine.
According to Security Week, CISA has been working with critical infrastructure partners to increase awareness of potential threats and is now urging all firms to be proactive and make sure their most critical assets are well defined in the chance of an attack.
To bolster their security, CISA claims organisations should ensure multi-factor authentication is enabled for all remote access to their environments, including privileged or administrative access. They should also keep all software updated and prioritise patching against known exploited vulnerabilities, disable all unused ports and protocols and ensure that strong controls are implemented for all cloud services that may be in use.
CISA said organisations should ensure their cybersecurity and IT personnel can quickly identify and address unusual network behaviour, key their environments protected with security products, maximise resilience to destructive cyberattacks and ensure a response plan is implemented in the event of an intrusion.
CISA concluded, “If working with Ukrainian organisations, take extra care to monitor, inspect, and isolate traffic from those organisations; closely review access controls for that traffic.”
Copyright © 2018 RegTech Analyst
