President Biden released a statement Monday warning about “evolving intelligence that the Russian Government is exploring options for potential cyberattacks” on U.S. targets. He is urging the private sector to “harden your cyber defenses immediately by implementing the best practices.”
This warning about Russian cyber attacks comes on the heels of recent alerts about the possibility of increased cyber threats, but this is the first time the U.S. government has mentioned specific intelligence around cyberattacks.
“Today, we are reiterating those warnings, and we’re doing so based on evolving threat intelligence that the Russian government is exploring options for potential cyberattacks on critical infrastructure in the United States,” said Deputy National Security Advisor Anne Neuberger in a press briefing Monday.
Specific details about the cyber threat intelligence were not shared. However, during Monday’s White House briefing, Deputy Advisor Neuberger said that Russia had been conducting “preparatory activity,” which could mean scanning websites and hunting for vulnerabilities. She went on to say, “There’s a range of activity that malicious cyber actors use, whether they’re nation state or criminals.”
The Cybersecurity and Infrastructure Agency (CISA) and other government agencies have been urging private sector organizations to prepare for potential cyber incidents resulting from Russia’s invasion of Ukraine. They issued a Shield’s Up alert earlier this month but mentioned that there had been no specific threats uncovered at that point.
However, with this latest statement from the White House, the threat landscape has changed. As a result, there is no longer time to delay hardening your cyber defenses.
How to Prepare Your Organization for Possible Russian Cyber Attacks?
We have put together this checklist to help your organization evaluate its current level of preparedness considering these latest threats.
Follow Good Cyber Hygiene and Stay extra vigilant
- Think before you click a link or open an email attachment.
- Be wary of new social media requests.
- Encourage employees to report suspicious emails, links, or requests.
- Review and update passwords to ensure they are unique and complex—including home devices for those working remotely.
Reduce the likelihood of a damaging cyber intrusion
- Institute Multi-Factor Authentication (MFA).
- Utilize a Virtual Private Network (VPN).
- Ensure that software is up to date, prioritizing updates that address known exploited vulnerabilities.
Take steps to quickly detect a potential intrusion
- Utilize antivirus and antimalware software to protect devices and networks.
- If working with Ukrainian or Russian connections, take extra care to monitor, inspect, and isolate traffic from those organizations.
Ensure that your organization is prepared to respond if an intrusion occurs
- Assure business continuity by designating a crisis-response team.
- Review policies and procedures around incident response.
- Conduct a tabletop exercise to ensure that all participants understand their roles during an incident.
Maximize your resilience to a destructive cyber incident
- Test backups to ensure data can be restored within acceptable point and time objectives.
- Identify critical vendors and understand how their services disruptions could impact your business.
To find out how you can further protect your organization, reach out to our security experts to learn more about our multi-layered security solutions.