The White House announced yesterday that there “is now evolving intelligence that Russia may be exploring options for potential cyberattacks” against the United States in response to economic sanctions resulting from Russia’s invasion of Ukraine.

The White House is urging organizations to implement strategies including:
• The use of multi-factor authentication
• Deployment of modern security tools on computers and devices
• Checking with cybersecurity professionals about vulnerabilities
• Backing up data and ensuring offline backups
• Running exercises and emergency plans
• Encrypting data
• Training employees
• Engaging proactively with the local FBI field office or Cybersecurity and Infrastructure Security Agency regional office to establish relationships in advance of any cyber incidents

In January, President Joe Biden signed an Executive Order to modernize federal government defenses and improve the security of widely used technology. The administration has launched public-private action plans to shore up the cybersecurity of the electricity, pipeline, and water sectors, and has directed departments and agencies to use all existing government authorities to mandate new cybersecurity and network defense measures.

The White House said the federal government will continue its efforts to provide resources and tools to the private sector, including the Shields-Up campaign from the CISA, adding that “much of the nation’s critical infrastructure is owned and operated by the private sector.”

CISA is urging state and municipal officials to make use of several resources it provides:
• A cybersecurity advisory issued jointly by CISA, the FBI and the National Security Agency on Jan. 11 describing the tactics, techniques and procedures frequently associated with Russian state-sponsored cyberattacks
• A CISA list of of cybersecurity measures to reduce the likelihood and impact of a cyberattack
• A Russia Cyber Threat Overview and Advisories webpage, with CISA’s advisories about Russian state-sponsored threats
• The Shields Up webpage, which includes urgent steps that organizations can take to bolster their systems against threats
• A new catalog of free cybersecurity resources from CISA, the open-source community, and CISA’s private sector partners in the Joint Cyber Defense Collaborative
• A CISA Insights document, “Preparing for and Mitigating Foreign Influence Operations Targeting Critical Infrastructure,” focusing on misinformation and disinformation campaigns used to sow public distrust and undermine security

CISA urges local officials to report suspected cyber intrusions and anomalous activity to CISA at central@cisa.gov or at 888-282-0870, and/or to the FBI’s 24/7 CyWatch operations center at 855-292-3937 or at CyWatch@fbi.gov.

CISA can offer help to organizations that have experienced cyber incidents and can use information from incident reports to protect other possible victims.

+
+