The Cybersecurity & Infrastructure Security Agency (CISA), in tandem with the FBI and National Security Agency, issued a Cybersecurity Advisory on January 22, 2022, to warn organizations, and especially critical infrastructure operators, to be on heightened alert that Russian state-sponsored cyber operations may again use the tensions with the U.S. to attack U.S. companies.
The Advisory, entitled Understanding and Mitigating Russian State-Sponsored Cyber Threats to U.S. Critical Infrastructure, outlines various measures organizations can take to prepare for, enhance their cyber posture, and increase organizational vigilance against Russian-sponsored attacks.
The Advisory states:
“CISA, the FBI, and NSA encourage the cybersecurity community—especially critical infrastructure network defenders—to adopt a heightened state of awareness and to conduct proactive threat hunting, as outlined in the Detection section. Additionally, CISA, the FBI, and NSA strongly urge network defenders to implement the recommendations listed below and detailed in the Mitigations section. These mitigations will help organizations improve their functional resilience by reducing the risk of compromise or severe business degradation.”
The Advisory is a must read.