Ride the Lightning

Cybersecurity and Future of Law Practice Blog
by Sharon D. Nelson Esq., President of Sensei Enterprises, Inc.

Shields Up: CISA Warns American Companies of Russian Hacking

February 15, 2022

PC Magazine reported on February 12 that the US Cybersecurity and Infrastructure Agency (CISA) is warning that US companies should be very wary of hacking attempts from Russia as tensions with the country escalate.

Even if Russia doesn’t invade Ukraine, it has often targeted that country with what has been characterized as “many of the most costly cyberattacks in history.” Those attacks might not be confined to Ukraine, which is why CISA’s new Shields Up campaign was developed.

“While there are not currently any specific credible threats to the U.S. homeland,” CISA says, “we are mindful of the potential for Russia to consider escalating its destabilizing actions in ways that may impact others outside of Ukraine.”

CISA says that it “recommends all organizations—regardless of size—adopt a heightened posture when it comes to cybersecurity and protecting their most critical assets.” It also says that it’s collaborated with its “critical infrastructure partners” to raise risk awareness.

The agency wants everyone to “reduce the likelihood of a damaging cyber intrusion,” “take steps to quickly detect a potential intrusion,” “ensure that the organization is prepared to respond if an intrusion occurs,” and “maximize the organization’s resilience to a destructive cyber incident.”

CISA offers advice related to each of those focus areas on its Shields Up website. It also says that, although “recent cyber incidents have not been attributed to specific actors,” organizations should review a January alert related to “Understanding and Mitigating Russian State-Sponsored Cyber Threats to U.S. Critical Infrastructure” and the StopRansomware.gov website.

There is a great deal of useful information on the Shields Up website. Pivotal to decreasing vulnerability to cyberattacks are these recommendations:

  • Validate that all remote access to the organization’s network and privileged or administrative access requires multi-factor authentication.
  • Ensure that software is up to date, prioritizing updates that address known exploited vulnerabilities identified by CISA.
  • Confirm that the organization’s IT personnel have disabled all ports and protocols that are not essential for business purposes.
  • If the organization is using cloud services, ensure that IT personnel have reviewed and implemented strong controls outlined in CISA’s guidance.
  • Sign up for CISA’s free cyber hygiene services, including vulnerability scanning, to help reduce exposure to threats.

I think it likely that we will come under increasing attacks from Russia. Be prepared.

Sharon D. Nelson, Esq., President, Sensei Enterprises, Inc.
3975 University Drive, Suite 225, Fairfax, VA 22030
Phone: 703-359-0700
Digital Forensics/Cybersecurity/Information Technology
https://senseient.com
https://twitter.com/sharonnelsonesq
https://www.linkedin.com/in/sharondnelson
https://amazon.com/author/sharonnelson