Waves of cyber attacks were hitting Ukraine last month. Those attacks foreshadowed the full-scale invasion that Russia unleashed on its neighbor on February 24th.
Since then, virtually all western countries have introduced harsh sanctions against Russia, targeting everything from its emergency reserves to key sources of the country’s wealth to oligarchs and Vladimir Putin himself.
"There will be some retaliatory measures taken by them, and I think in the least costly way that they can do it—that means some kind of cyber attack," said Steven Schweitzer, senior fixed income portfolio manager at the Swarthmore Group in New York.
While Russia’s retaliatory cyber attacks will almost certainly focus on high-profile targets, such as financial institutions and government agencies, cybersecurity experts expect spillovers to hit even small and medium-sized businesses (SMBs).
That’s why the U.S. Cybersecurity & Infrastructure Security Agency (CISA) has issued a warning to all organizations in the United States, entitled Shields Up, recommending them to strengthen their defenses.
Highlighted CISA Recommendations
“CISA recommends all organizations—regardless of size—adopt a heightened posture when it comes to cybersecurity and protecting their most critical assets,” writes the agency, which is part of the U.S. Department of Homeland Security, on its website.
The agency’s goal is to strengthen our nation’s collective defenses against cyber threats like phishing, distributed denial-of-service (DDoS), ransomware, and other malware, including HermeticWiper and Whispergate, which were recently deployed against organizations in Ukraine to destroy computer systems and render them inoperable.
To protect themselves against these and other threats, CISA provides the following recommendations:
Reduce the likelihood of a damaging cyber intrusion:
Organizations should review the implementation of cybersecurity best practices, such as multi-factor authentication, patch management, web filtering, and others.
CISA offers free cyber hygiene services to help organizations assess their posture, and MSPs like us at TechGen are happy to help as well.
Take steps to quickly detect a potential intrusion:
It can take very little time from the initial point of contact for an intrusion to spread laterally across the network. To quickly detect a potential intrusion, organizations monitor all assets and keep their anti-malware software updated. They should also enable logging to better investigate issues or events.
Ensure that your organization is prepared to respond if an intrusion occurs:
Being able to detect an intrusion is only half the battle; you also need to respond to it adequately. CISA recommends organizations to designate a crisis-response team and assign each member a specific role. Tabletop exercises can help ensure that everyone is ready.
Maximize your organization's resilience to a destructive cyber incident:
When it comes to cybersecurity, you should always prepare for the worst-case scenario: a total loss of data. How? By having in place a robust backup and disaster recovery strategy. Make sure to test the strategy often to verify that critically important data can really be restored in a timely manner.
More recommendations for organizations, their leaders, and everyone else can be found on the Shields Up page.
CISA also urges organizations to review the Understanding and Mitigating Russian State-Sponsored Cyber Threats to U.S. Critical Infrastructure advisory, which provides an overview of Russian state-sponsored cyber operations and the steps organizations should take to defend themselves against them.
Raise a Shield Against Cyber Threats
For most organizations, especially SMBs with limited or non-existent IT capabilities, implementing CISA’s recommendations can be a daunting task. Fortunately, such organizations don’t have to implement them alone. We at TechGen are here to help you raise a shield against all cyber threats. Get in touch with us today.