The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is alerting the business community about potential cyberattacks from Russia after its invasion of neighboring Ukraine.
CISA stated that businesses should be prepared to defend against cyberattacks originating from Russia. Malicious cyber activities such as denial of service and malware attacks have already been reported in Ukraine and other countries in the region.
“Every organization in the U.S. is at risk from cyber threats that can disrupt essential services,” said Jen Easterly, director of CISA. “While there are no specific credible threats to the U.S. homeland at this time, we are mindful of the potential for Russia to consider escalating its destabilizing actions in ways that may affect our critical infrastructure. All organizations must adopt a heightened posture of vigilance.”
The agency asks employers to reduce the likelihood of damage, take steps to detect an attack, ensure the organization is prepared to respond and build up resilience.
Recommended actions include:
- Validating that all remote access to the organization’s network requires multifactor authentication.
- Ensuring that software is up-to-date.
- Confirming that all ports and protocols that are not essential have been disabled.
- Ensuring that cybersecurity and IT staff are focused on identifying and quickly assessing any unexpected or unusual network behavior.
- Confirming that the organization’s network is protected by antivirus/anti-malware software.
- Designating a crisis-response team with main points of contact for a suspected cybersecurity incident.
- Testing backup procedures to ensure that critical data can be rapidly restored if the organization is impacted by ransomware or other destructive cyber attack.
CISA specifically urged CEOs to conduct worst-case scenario planning, empower chief information security officers in the decision-making process for risk to the company, and lower cyber attack reporting thresholds to the U.S. government to ensure the agency can immediately identify an issue and help protect against further attack.
The agency also suggested that businesses sign up for free cyber hygiene services, which includes vulnerability and application scanning and remote penetration testing. CISA will also help employers determine how prepared their staff is to recognize phishing attacks and their level of security awareness.