Take 'Urgent' Steps to Secure Systems From Damaging Attacks, CISA Says
CISA issues alert for senior leadership of US organizations amid rising tensions between Russia and Ukraine.
![](https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/bltc94608acf452fd67/655cf371ab171e040a838b2a/329050_DR23_Graphics_Website_V5_Default_Image_v1.png?width=1280&auto=webp&quality=95&format=jpg&disable=upscale)
The US Department of Homeland Security's Cybersecurity & Infrastructure Security Agency (CISA) today published a bulletin for senior leaders of US organizations to "immediately implement" a list of specific security steps.
The CISA Insights bulletin comes on the heels of a joint advisory it issued along with the FBI and NSA on Jan. 11 on how to detect, respond to, and mitigate cyberattacks from Russian state-sponsored hacking groups. Today's guidance comes amid rising diplomatic tensions between the US and Russia, and Russia's saber-rattling toward Ukraine.
CISA said US organizations of all sizes should "take urgent, near-term steps to reduce the likelihood and impact of a potentially damaging compromise." Specifically, they should deploy multifactor authentication for all privileged or administrative accounts; update software and prioritize patches that fix exploited flaws CISA has identified; disable all unneeded ports and protocols; employ strong cloud controls per CISA's guidance; and other security best practices.
And in a nod to the stark geopolitical threat at hand, CISA said: "If working with Ukrainian organizations, take extra care to monitor, inspect, and isolate traffic from those organizations; closely review access controls for that traffic."
Microsoft recently detailed a destructive malware operation against multiple organizations in Ukraine aimed at leaving targeted systems inoperable.
Read more here.
About the Author(s)
You May Also Like
CISO Perspectives: How to make AI an Accelerator, Not a Blocker
August 20, 2024Securing Your Cloud Assets
August 27, 2024