The cybersecurity authorities of the United States (including CISA, FBI, NSA and DOE), Australia, Canada, New Zealand, and the United Kingdom released a joint Cybersecurity Advisory (CSA) on April 20, 2022, “to warn organizations that Russia’s invasion of Ukraine could expose organizations both within and beyond the region to increased malicious cyber activity.”
According to the CSA, “Evolving intelligence indicates that the Russian government is exploring options for potential cyberattacks” and “some cybercrime groups have recently publicly pledged support for the Russian government,” “threaten[ing] to conduct cyber operations against countries and organizations providing materiel support to Ukraine.”
In particular, the CSA warns critical infrastructure operators “to prepare for and mitigate potential cyber threats” and “by hardening their cyber defenses and performing due diligence in identifying indicators of malicious activity.”
Tips to prepare for and mitigate against cyber-attacks include:
- Patch all systems. Prioritize patching known exploited vulnerabilities.
- Enforce multifactor authentication.
- Secure and monitor Remote Desktop Protocol and other risky services.
- Provide end-user awareness and training.
As the sanctions against Russia escalate, companies may wish to follow multi-national warnings of intelligence agencies.