Why the U.S. Government has issued another cybersecurity warning regarding the Ukraine crisis
Earlier this week the White House and the Cybersecurity and Infrastructure Security Agency (CISA) issued another warning about potential cyber-attacks stemming from the ongoing war between Ukraine and Russia. You can read the full statement from the White House here.
This follows on the heels of the previous warnings issued by CISA and the White House, both before and after the invasion and broader conflict began.
The previous warnings have largely been generic in nature and did not name any specific targets, threats, or vulnerabilities, but that does not mean they should be casually disregarded. In the most recent warning, the White House cited “evolving intelligence” suggesting that Russia may be preparing to launch wide-scale cyber-attacks against the U.S. in retaliation for the sanctions we have levied against them.
Two factors make this warning slightly different. The first is that the White House and CISA are now saying they do have some specific intelligence around potential threats.
The other factor is that, by all reports, Russia has been surprised both by the speed and harsh nature of the sanctions and by the course of what they thought would be an easy invasion. As a result, Russia may be growing more desperate.
Without knowing more specifics about the “evolving intelligence” they are citing, it is hard to say how concerned the average U.S. business should be. That being said, protecting against cybersecurity threats with robust defenses has not been a top priority for every organization.
How this impacts you and what you can do about it
In the short term, this means that if you have not already done so, it is time to invest in strengthening your security posture. Although these warnings continue to be generic and there is the possibility that nothing comes of them, strengthening cybersecurity within the United States is something that those of us in the tech community have been advocating for years.
To solidify your posture, we recommend you implement what is known as zero-trust security. As the name implies, this model seeks to build in security checks and balances for every user, system, and piece of technology in your organization. Depending on what protections you currently have, this can be quite the undertaking.
No need to worry: that is why we are here, to help you get the most out of your technology. We work with you to make common-sense decisions around security that keep you protected and don’t require a security certification to understand. These are the core protections we recommend for all of our clients:
- Multi-Factor Authentication: Using a method of authentication in addition to your password when logging into key systems.
- Security Awareness Training: Automated testing and training of staff to bolster human awareness to identify security threats and phishing attempts.
- DNS filtering: Organization-wide internet filtering preventing traffic to known malicious sites.
- Advanced Endpoint Protection: Behavior-based endpoint software with 24/7 monitoring by a security team.
- Dark Web Monitoring: Consistent monitoring for compromised usernames and passwords being sold in the digital black market.