Wed | Feb 16, 2022 | 5:00 PM PST

By now, everyone is aware of the current situation in Russia. President Putin has amassed tens of thousands of military troops at the border of Ukraine, and an invasion appears imminent.

As the physical threat of war continues to rise, so do the cyber threats for any country that may stand against Russia.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning to all organizations in the United States, titled Shields Up, recommending that they adopt a "heightened posture when it comes to cybersecurity" and make sure to protect their most critical assets.

This warning is the second that CISA has issued in 2022, with the first coming about a month ago in January.

This recent message reiterates that cyberattacks have the potential to disrupt essential services and even impact public safety. CISA explains:

"Over the past year, cyber incidents have impacted many companies, non-profits, and other organizations, large and small, across multiple sectors of the economy.

Notably, the Russian government has used cyber as a key component of their force projection over the last decade, including previously in Ukraine in the 2015 timeframe. The Russian government understands that disabling or destroying critical infrastructure—including power and communications—can augment pressure on a country's government, military and population and accelerate their acceding to Russian objectives.

While there are not currently any specific credible threats to the U.S. homeland, we are mindful of the potential for the Russian government to consider escalating its destabilizing actions in ways that may impact others outside of Ukraine."

To help organizations better protect themselves, CISA provides four specific recommendations:

  • "Reduce the likelihood of a damaging cyber intrusion."
  • "Take steps to quickly detect a potential intrusion."
  • "Ensure that the organization is prepared to respond if an intrusion occurs."
  • "Maximize the organization's resilience to a destructive cyber incident."

For more specific details on these recommendations, see the Shields Up notice from CISA.

Significance of CISA warning on Russia

After issuing the second warning to organizations about Russian cyber activity, CISA has certainly caught the attention of many. Below are some comments from cybersecurity professionals on the situation.

Erkang Zheng, Founder and CEO of JupiterOne, shares his thoughts:

"There's an incredible amount of uncertainty in the geopolitical and cyber threat climate; however, 'Shields Up' is a clear signal that US government officials are taking potential cyber threats incredibly seriously and recommend that organizations of all sizes assume a similarly proactive posture.

Alert fatigue is always a risk for security practitioners; but I genuinely believe industry is listening to advice to create a 'proactive defensive policy', including a greater capacity to detect and mitigate potential advanced persistent threats or attacks on critical infrastructure."

Gadi Naveh, a cyber data scientist at Canonic, echoed similar thoughts:

"The 'Shields Up' initiative is a well-timed reminder that without sound security measures, a myopic focus on productivity is not sufficient to sustain business continuity. Regardless of intent, nation-state adversaries pose clear and present danger to business continuity. While we all hope that diplomatic efforts will triumph, it's a good opportunity to step up security controls. Such an alert backs the office of the CISO when presenting security priorities to the board and other senior executives."

Sandy Dunn, CSO at BreachQuest, discussed what this message from CISA means for business leaders and CISOs:

"A CISO should act on the Shields Up message the same way a person listens and acts when the weatherman warns that a hurricane may be headed to the area you live in. For a hurricane you check the windows, the pantry for food supply, buy extra water, and batteries for a working flashlight.

A cybersecurity team needs to double down on their environment. Call a team meeting, make sure people on the team are on high alert, review the incident response plan and have it available. Send a message out to the users in your organization to watch for suspicious activity. Also send a message to the executive leadership in the organization that the Shields Up message is a call to action, and you are prepared.

Identifying the signal in the noise is a skill developed through experience. A CISO needs to curate the threat information feed so they can align their urgency to action from the message. They need to protect their organization and team from alert fatigue so when there is an important alert such as the Shields Up warning from CISA, the organization takes appropriate action."

Follow the SecureWorld News page for any updates regarding the situation with Russia and malicious cyber activity.
