CISA Shields Up: How to prepare for the Russia-Ukraine cybersecurity hazard

You may have seen the US Cybersecurity & Infrastructure Security Agency (CISA) issue its “Shields Up” advisory on Saturday, 12 February. While this advisory is aimed at organizations and companies in the US, we think it is prudent for all organizations we serve to treat it with the same degree of urgency, given past incidents (e.g. NotPetya) and the connected nature of modern business systems and supply chains.
[Updated 24.02.2022] It has been reported this week that Ukraine was hit by a string of cyberattacks that brought down many state websites through mass DDoS and data-wiping HermeticWiper malware attacks. Britain's National Cyber Security Centre (NCSC) has also called on British organizations to tighten their online defenses following the recent development, and has released a joint UK and US advisory on the Sandworm malware targeting Linux.
Outpost24 Group is here to provide your organization with these important alerts and notifications and ensure you have the best security posture ahead of any direct or collateral hacking activity that might arise in the near future and impact your business.
🛡Every organization in the US is at risk from cyber threats that can disrupt essential services. As we know, the Russians have used cyber as a key component of their force projection, to include disabling or destroying critical infrastructure. More @ https://t.co/xVKj0pYLgF 1/4 pic.twitter.com/YRVCDurE6p
— Jen Easterly (@CISAJen) February 12, 2022
CISA recommends that all organizations adopt a heightened security posture and take proactive steps to safeguard their most critical assets by ensuring that multi-factor authentication is enabled for remote network access, that software and cloud controls are up to date, and that known exploited IT vulnerabilities are addressed.
Specific to your organization, Outpost24 recommends the following steps and provides the tools to support them:
- Prioritize exploitable vulnerabilities that have been surfaced in your scan results and work diligently to resolve them
- Examine your external attack surface to identify and prioritize any internet-exposed applications, APIs or services, and take steps to secure those with high criticality
- Review your current threat landscape using actionable intelligence we provide based on geography, industry segment, and exposed infrastructure that threat actors are targeting
- Evaluate your organization’s access posture by reviewing user password hygiene for weak, compromised or duplicate passwords