The Cybersecurity & Infrastructure Security Agency (CISA) has issued a Shields Up cyber security alert for anyone in the US in the wake of the Russia-Ukraine conflict.
The nation’s cyber defense agency reports that evolving intelligence indicates that the Russian government is exploring options for potential cyberattacks.
US Issues Shields Up Alert for Cyber Security Awareness
In a Shields Up memo, CISA warns that every organization, large and small, must be prepared to respond to disruptive cyber incidents.
Importance of Reporting Cyberattacks
The agency, which is committed to helping organizations prepare for, respond to, and mitigate the impact of cyberattacks, encourages businesses to report incidents to them quickly. By reporting a cyberattack quickly, CISA can use the information to render assistance and as a warning to prevent other businesses from becoming victim to a similar attack.
The Shields Up guidance for all organizations, including small businesses, recommends adopting a heightened position when it comes to cybersecurity and protecting their most critical assets.
Free Cybersecurity Services and Tools
The agency has compiled a catalog of free cybersecurity services and tools from government partners to assist small businesses with their cybersecurity during these precarious times when threats from Russia remain concerning.
In its Shields Up memo, CISA lists recommended actions all businesses, including small businesses, should take to help keep them safe from hackers and cyber intrusion.
Businesses should validate that all remote access to their network or admin access requires multi-factor authentication. They should ensure software is up to date and prioritize updates that address known exploited vulnerabilities identified by CISA.
Antivirus/Antimalware Software Protection
Small businesses should take steps to quickly detect a potential intrusion. Such steps should include ensuring cybersecurity/IT personnel are focused on identifying and quickly assessing any unexpected or unusual network behavior. Businesses should also confirm that their entire network is protected by antivirus/antimalware software and that signatures in these tools are updated.
If working with Ukrainian organizations, businesses should be extra care to monitor, inspect, and isolate traffic from those organizations.
CISA also urges businesses to be prepared if an intrusion occurs. Preparation should include designating a crisis-response team with main points of contact for a suspected cybersecurity incident and roles/responsibilities within the organization, including technology, communications, legal and business continuity. The availability of key personnel needs to be confirmed and assured.
Test Backup Procedures
To maximise a business’s resilience to a destructive cyber incident, businesses should conduct test backup procedures to ensure that critical data can be rapidly restored if the business falls victim to a destructive cyberattack.
CISA also urges cybersecurity personnel at all businesses to review the agency’s Understanding and Mitigating Russian State-Sponsored Cyber Threats to US Critical Infrastructure report.
Businesses should report anomalous cyber activity and cyber incidents by emailing [email protected] or calling (888) 282-0870.