IT and Cybersecurity News

Russian Cyberattack Risks Escalate Based on Evolving Intelligence

Written by Systems Engineering | March 22, 2022

In recent weeks, The White House held a cybersecurity press briefing with the Deputy National Security Advisor (NSA) for Cyber and Emerging Technologies, who urged "private sector partners to take immediate action to shore up their defenses against potential cyberattacks." This comes after earlier warnings from The White House for heightened awareness surrounding Russian cyberattacks.

The press briefing discussed evolving threat intelligence that Russia is exploring options for potential cyberattacks on the U.S. and its critical infrastructure. The potential malicious cyber activity is thought to be in response to the economic sanctions the U.S. has imposed on Russia. The NSA urged business leaders at all domestic organizations to take action to help protect the services that millions of Americans rely on against Russian state-sponsored malicious cyber activity stating, "Lock your digital doors."

At this time, everyone must be hyper-aware of the risks.

The White House released a FACT SHEET that outlines urgent steps and long-term best practices for securing organizations. The steps described in the federal fact sheet echo our long-standing best practices to fortify your organization against persistent, evolving cyberthreats.

From The White House Fact Sheet

Below are the individual steps as listed in the fact sheet along with educational how-to's from our extensive content library. As you will note, each of the urgent and long-term steps suggested are not new concepts or recommendations. You may already be familiar with some of these steps or have implemented several of these measures proactively.

EXECUTE WITH URGENCY

  • Mandate the use of multi-factor authentication on your systems to make it harder for attackers to get onto your system;
    • MFA can block 99% of account compromise attacks if deployed and adopted across the organization. Learn what multi-factor authentication (MFA) is and why it's an effective cybersecurity tool that enhances end-user security and data protection.
  • Deploy modern security tools on your computers and devices to continuously look for and mitigate threats;
  • Check with your cybersecurity professionals to make sure that your systems are patched and protected against all known vulnerabilities, and change passwords across your networks so that previously stolen credentials are useless to malicious actors;
  • Back up your data and ensure you have offline backups beyond the reach of malicious actors;
  • Run exercises and drill your emergency plans so that you are prepared to respond quickly to minimize the impact of any attack;
  • Encrypt your data so it cannot be used if it is stolen;
  • Educate your employees to common tactics that attackers will use over email or through websites, and encourage them to report if their computers or phones have shown unusual behavior, such as unusual crashes or operating very slowly;
    • 88% of security incidents are caused by employees’ mistakes. Train and educate your team on the latest cybercriminal techniques at least once a year and build a 'human firewall.'
  • Engage proactively with your local FBI field office or CISA Regional Office to establish relationships in advance of any cyber incidents. Please encourage your IT and Security leadership to visit the websites of CISA and the FBI where they will find technical information and other useful resources.

LONG-TERM CYBERSECURITY MATURITY

  • Build security into your products from the ground up — “bake it in, don’t bolt it on” — to protect both your intellectual property and your customers’ privacy.
  • Develop software only on a system that is highly secure and accessible only to those actually working on a particular project. This will make it much harder for an intruder to jump from system to system and compromise a product or steal your intellectual property.
  • Use modern tools to check for known and potential vulnerabilities. Developers can fix most software vulnerabilities — if they know about them. There are automated tools that can review code and find most coding errors before software ships, and before a malicious actor takes advantage of them.
    • Proactive network monitoring helps your organization stay on top of network health & address potential issues before they disrupt productivity and result in costly downtime.
  • Software developers are responsible for all code used in their products, including open-source code. Most software is built using many different components and libraries, much of which is open source. Make sure developers know the provenance (i.e., origin) of components they are using and have a “software bill of materials” in case one of those components is later found to have a vulnerability so you can rapidly correct it.
    • It's critical to understand how your vendor builds security into their products. A good vendor management program will help you determine if a vendor is a good fit for your business and assess the potential risks they may bring.
  • Implement the security practices mandated in the President’s Executive Order, Improving our Nation’s Cybersecurity. Pursuant to that EO, all software the U.S. government purchases is now required to meet security standards in how it is built and deployed. We encourage you to follow those practices more broadly.

Regardless of sector or industry, it is critical to know your cyber risks and take the necessary steps to reduce the likelihood and impact of a potential compromise. In addition to the above security recommendations, we also encourage organizations to secure cyber liability insurance. While cyber insurance will not prevent an attack, if you do experience a cyber incident, having cyber insurance coverage in place can reduce the financial impact on your organization.

For more information on combating cybercriminal activity, talk with one of our cybersecurity experts here at Systems Engineering. Call 888.624.6737 or email  info@systemsengineering.com. Clients, please reach out to your Account Manager directly.