informa
2 min read
article

Take 'Urgent' Steps to Secure Systems From Damaging Attacks, CISA Says

CISA issues alert for senior leadership of US organizations amid rising tensions between Russia and Ukraine.

The US Department of Homeland Security's Cybersecurity & Infrastructure Security Agency (CISA) today published a bulletin for senior leaders of US organizations to "immediately implement" a list of specific security steps.

The CISA Insights bulletin comes on the heels of a joint advisory it issued along with the FBI and NSA on Jan. 11 on how to detect, respond to, and mitigate cyberattacks from Russian state-sponsored hacking groups. Today's guidance comes amid rising diplomatic tensions between the US and Russia, and Russia's saber-rattling toward Ukraine. 

CISA said US organizations of all sizes should "take urgent, near-term steps to reduce the likelihood and impact of a potentially damaging compromise." Specifically, they should deploy multifactor authentication for all privileged or administrative accounts; update software and prioritize patches that fix exploited flaws CISA has identified; disable all unneeded ports and protocols; employ strong cloud controls per CISA's guidance; and other security best practices.

And in a nod to the stark geopolitical threat at hand, CISA said: "If working with Ukrainian organizations, take extra care to monitor, inspect, and isolate traffic from those organizations; closely review access controls for that traffic." 

Microsoft recently detailed a destructive malware operation against multiple organizations in Ukraine aimed at leaving targeted systems inoperable.

Read more here