Companies around the world are increasingly looking to enhance their cybersecurity readiness given the conflict in Ukraine. There are growing fears that entities aligned with Russia will use cyberattacks to strike western targets in retaliation for the broad condemnation of Russia’s aggression and the sanctions which followed. The U.S. Cybersecurity and Infrastructure Security Agency (CISA), part of the U.S. Department of Homeland Security, recently launched a “Shields Up” awareness campaign sharing guidance on how organizations of all sizes can take protective measures against potential cyberattacks.
In particular, they recommend that organizations:
- Apply network segmentation if you have any business operations or work with suppliers or business partners in the impacted regions. Separating these networks and cutting persistent VPN connections and remote network shares could help prevent possible impact to your critical network(s).
- Review cyber incident response and business continuity plans to make sure they are up to date and ready to address possible ransomware-style or wiper malware attacks. Having a clear and well-tested plan will save you critical time in an incident.
- Maintain fundamental security best practices, including quickly patching internet-facing systems against known vulnerabilities. This is one of the most common ways bad actors enter an environment. Also, implement, maintain, and monitor antivirus and endpoint detection and response solutions.
- Isolate and back up critical data so you can recover known good data and resume business operations more quickly in the event of a cyberattack. Data is the lifeblood of any organization and having an immutable copy should be part of a cyber resiliency strategy.
- Implement multi-factor authentication in all places possible, especially for remote, administrative, and privileged access to critical networks and applications. Threat actors commonly look to exploit single factor authentication, but building in an additional layer of authentication can help reduce the possibility of cyber intrusion.
- Increase vigilance and prioritize cybersecurity needs across the company while there is elevated cyber risk. Threat actors are opportunistic and could take advantage of world events. Work now to improve your cybersecurity baseline and remove possible barriers that could prevent you from moving quickly to detect, respond to, or recover from an incident.
Now is an especially important time to check your organization's cyber hygiene (CISA’s Cyber Hygiene Guide) and take steps to prepare for potentially damaging ransomware attacks (CISA’s Ransomware Guide). Leveraging the power of our community of experts, preparing in advance, and maintaining vigilance is critically important in times like these.