An important message shared from US Coast Guard San Francisco Sector on behalf of White House Press Briefing March 21, 2022 on “Cyberattacks on U.S. criticaI infrastructure”, an urgent message from CISA:
For several months now, CISA and their partners at FBI and NSA have been urging private sector organizations – of every size – to take action to protect their systems and information. Now, the White House is doubling down on that message to communicate to critical infrastructure companies that they have a responsibility to protect the critical services Americans depend on.
The White House and CISA have updated their message to include the following statement: “Evolving intelligence indicates that the Russian Government is exploring options for potential cyberattacks on U.S. critical infrastructure.” – WH Press Briefing 3/21/2022.
You can find more information on the CISA website, here, this website is being continually updated, including technical guidance such as the latest TTPs and IOCs being observed by Federal civilian agencies and CYBERCOM. Don’t wait for formal Alerts and Advisories! The latest information is found at CISA’s Shield’s Up website being updated continuously!
When it comes to patching vulnerabilities, CISA is continually updating its “Known Exploited Vulnerabilities Catalog”, which assesses multiple risk factors to help prioritize patching based on observed exploitation. Including exploitation by Russian state actors, below is an excerpt of the White House Fact Sheet, available here
We urge companies to execute the following steps with urgency:
- Mandate the use of multi-factor authentication on your systems to make it harder for attackers to get onto your system;
- Deploy modern security tools on your computers and devices to continuously look for and mitigate threats;
- Check with your cybersecurity professionals to make sure that your systems are patched and protected against all known vulnerabilities, and change passwords across your networks so that previously stolen credentials are useless to malicious actors;
- Back up your data and ensure you have offline backups beyond the reach of malicious actors;
- Run exercises and drill your emergency plans so that you are prepared to respond quickly to minimize the impact of any attack;
- Encrypt your data so it cannot be used if it is stolen;
- Educate your employees to common tactics that attackers will use over email or through websites, and encourage them to report if their computers or phones have shown unusual behavior, such as unusual crashes or operating very slowly; and
- Engage proactively with your local FBI field office or CISA Regional Office to establish relationships in advance of any cyber incidents. Please encourage your IT and Security leadership to visit the websites of CISA and the FBI where they will find technical information and other useful resources.
Please reach out should you require additional information or assistance.
