The Biden Administration warned this week that evolving intelligence indicates the Russian Government is currently exploring options for potential cyberattacks in response to heavy economic sanctions imposed by the United States and its allies.
In addition to ongoing efforts that are being made by federal agencies and critical infrastructure partners to improve the nation’s cyber defenses, President Biden’s statement calls on businesses of all sizes to prepare for, respond to, and mitigate the impact of cyberattacks.
Recommendations for Immediate Action
A White House fact sheet describes steps that companies should immediately take to protect themselves from cyberattacks:
- Mandate the use of multi-factor authentication on company systems (note, however, that Russian state cyber actors have recently exploited misconfigured MFA protocols, so companies should takes steps to ensure the default protocols are configured and updated appropriately).
- Deploy modern security tools on company computers and devices to continuously scan for and mitigate threats.
- Be particularly vigilant about patching systems and protecting against all known vulnerabilities.
- Change passwords across company networks so that previously stolen credentials are useless (consider doing on an accelerated schedule even if password policies set longer expiration periods).
- Back up company data and ensure that there are offline backups beyond the reach of malicious actors.
- Run tabletop exercises and drill company emergency plans to be prepared to respond quickly to minimize the impact of any attack.
- Encrypt data so it cannot be used if it is stolen.
- Educate employees to common tactics attackers will use over email or through websites (eg, phishing or spearphishing campaigns, requests to click on malicious email attachments, requests to fill in usernames and passwords on websites linked in emails).
- Encourage employees to report if their computers, phones, or other devices have shown unusual behavior, such as unusual crashes or sluggish operation.
- Engage proactively with local FBI field offices or a Cybersecurity and Infrastructure Security Agency Regional Office to establish relationships in advance of any cyber incidents.
- Encourage IT and Security leadership to visit CISA and FBI websites to locate technical information and other useful resources.
Additional resources and guidance is available at the Cybersecurity & Infrastructure Security Agency’s “Shields Up” website.
Canada Supports Call for Increased Cyber Security Awareness
The Canadian Centre for Cyber Security issued a statement in support of President Biden’s call for increased cyber security vigilance among organizations in response to Russia’s invasion of Ukraine.
In view of the elevated risk of cyber threats resulting from recent geopolitical events and Russia’s demonstrated record of malicious hacking, the Cyber Centre urges Canadian organizations to bolster their security
“We remind Canadians and Canadian organizations that cyber threats are constant, evolving, and cybercrime continues to be a prevalent threat,” the statement said.
Companies are strongly encouraged to follow updated advice and guidance on CSE’s website and/or Twitter account.