New CISA Warning

New CISA WarningThe United States’ Cybersecurity and Infrastructure Security Agency (CISA) issued a new warning to US organizations following the cyberattacks in Ukraine. Click here to read the Insights PDF in its entirety. The publication is intended to get the attention of senior leadership of US organizations and encourages them to “take urgent, near-term steps to reduce the likelihood and impact of a potentially damaging compromise.”

The alert highlights steps companies should take to reduce the likelihood of malicious intrusion. Included in these steps are multi-factor authentication for remote access, disabling all ports and protocols not essential for business, and ensuring software is up to date. The report goes on to outline steps for detection, incident response, and preparedness.

The Insights warning also links an alert titled Understanding and Mitigating Russian State-Sponsored Cyber Threats to U.S. Critical Infrastructure. It’s clear the FBI, NSA, and CISA are concerned tensions between Russia and the US over Ukraine will spill over into cyberattacks on critical US infrastructure.

The advisory reads, “CISA, the FBI, and NSA encourage the cybersecurity community—especially critical infrastructure network defenders—to adopt a heightened state of awareness and to conduct proactive threat hunting, as outlined in the Detection section. Additionally, CISA, the FBI, and NSA strongly urge network defenders to implement the recommendations listed and detailed in the Mitigations section. These mitigations will help organizations improve their functional resilience by reducing the risk of compromise or severe business degradation.”

This report also follows the huge increase of malware attacks on the Ukrainian government and private businesses. The attackers have defaced websites and corrupted Windows and Linux-based server data. In Microsoft’s investigation of the attacks they wrote, “ [The malware] is designed to look like ransomware but lacking a ransom recovery mechanism, is intended to be destructive and designed to render targeted devices inoperable rather than to obtain a ransom.”

Quanexus IT Support Services for Dayton and Cincinnati

Request your free network assessment today. There is no hassle, or obligation.

If you would like more information, contact us here or call 937.885.7272.

Follow us on FacebookTwitter and LinkedIn and stay up to date on by subscribing to our email list.

Posted by Charles Wright