Shields Up: Navigating the Russian Cyberthreat
As the world watches the horrific events unfold in Ukraine, multiple U.S. agencies have warned about potential cyberattacks from Russia. The most recent alert coming from the Cybersecurity and Infrastructure Security Agency (CISA) is advising all businesses to go into a “Shields Up” mode. Following are some prudent steps that every business should be taking to protect itself.
- Stay up to date with tactics that the Russian government may be utilizing.CISA offers the ability to subscribe to their alerts.
- Remind your employees to Pause, Inspect and Think before clicking any links, opening any attachments or visiting websites. This applies across all potential channels: e-mail, social media, text messaging, messaging apps, etc. The Russian conflict creates a prime opportunity for cyber criminals globally to target you and leverage the fear, uncertainty and doubt we are all experiencing.
- Make sure your systems are patched with vendor supplied security updates and continue to be patched in a timely manner. Over the past year, a number of major vulnerabilities have been disclosed that can be actively used against you if your systems are not patched. CISA maintains a listing of vulnerabilities that are actively exploited here. Review this listing with your IT team and make these a priority.
- Embrace Multi-Factor Authentication (MFA). If you have not yet deployed MFA, now is the time to do so.
- Implement GEO IP Address restrictions. If your business does not have any reason to communicate with certain countries, block those countries. Most modern firewalls have this capability. This safeguard is not fool proof; however, it does help limit your exposure.
- Monitor your systems and user activity. You can’t respond, if you don’t know you have an issue.
- Ready your Incident Response Plans or create one.
As always, we are here and ready to assist with safeguarding your company against cyber threats. If you need assistance, please contact your client engagement team or:
Thomas J. DeMayo, CISSP, CISA, CIPP/US, CRISC, CEH, CHFI, CCFE
Principal, Cybersecurity and Privacy Advisory
firstname.lastname@example.org | 646.449.6353
Nick DeLena, CISSP, CISA, CRISC, CDPSE
Partner, IT Risk Assurance & Advisory
email@example.com | 781.937.5191