Russian Cyberattack Risk and Mitigation Recommendations

Many national security experts agree that Russian cyberattacks on U.S. infrastructure are becoming increasingly likely. While there are not currently any specific credible threats to the U.S. homeland, all organizations, especially those within the U.S. financial sectors and supply chains need to be aware of the escalating risk and do whatever they can to enhance their cybersecurity posture.

The Risk of Russian Cyberattacks

In February 2022, the Cybersecurity & Infrastructure Security Agency (CISA) issued a "Shields Up" alert in response to Russia’s attack on Ukraine, which involved cyberattacks on Ukrainian government and critical infrastructure organizations, indicating that "Every organization—large and small—must be prepared to respond to disruptive cyber activity." [Source]

This security alert advised organizations of all sizes to enhance their cybersecurity posture and protocols to prepare for the likelihood of escalating cyber events. Outlined in this “Shields Up” alert are recommended actions that organizations should take to mitigate the risk.

5 Risk Mitigation Tips from the CISA

1. Enforce Multi-Factor Authentication

• Multi-Factor Authentication (MFA) should be used by all personnel with no exceptions. Basic usernames and passwords are incredibly vulnerable to brute force cyber attacks and are frequently compromised or stolen by third parties. Requiring an additional form of authentication in addition to robust login credentials provides another layer of protection between cybercriminals and an organization’s networks. In fact, by utilizing MFA an organization is 99% less likely to get hacked!

2. Utilize Strong and Unique Passwords

• Passwords are becoming increasingly fragile, so it is best practice to require a strong and unique password for accessing every digital account. Passwords should NOT be reused. Password managers are helpful to not only store but also generate unique passwords to keep entry points secure.

3. Keep Software Up to Date

• Bad actors are searching for any vulnerability to exploit, and outdated software is a prime target. It is important to keep all operating systems, browsers, applications, etc. up to date. Most of these platforms offer auto-updates, which should be enabled to ensure they are always up to date.

4. Think Before You Click

• According to the CISA, more than 90% of successful cyberattacks start with phishing emails. Phishing scams are a prime strategy to harvest data like passwords, social security numbers, credit card numbers and other sensitive information. Bad actors may even use phishing scams to introduce malware to a network. Do not blindly click any links or attachments in an email, even when it appears to be from a trusted name or source. Care should always be taken when opening and clicking on any email content or web pages. Be sure to validate the ‘From’ email address, contact info, and any logos or company information before clicking items within an email or web page. When in doubt, trust those instincts and do not click.

5. Response Tools

• It has been recommended in a recent Joint Advisory from the FBI, NSA and CISA to integrate and utilize Endpoint Detection and Response (EDR) tools to allow deep visibility into the security status of all network endpoints as an effective defense against bad actors. [Source]

Take It One Step Further with Managed eXtended Detection & Response from Securus360

EDR platforms monitor all activities in an endpoint device, including processes, registry settings, file and network operations. An EDR tool aggregates and analyzes data to detect and counter threats, either through automated processes or human interventions. But even with an EDR solution in place, EDR has blind spots. It can only provide visibility into endpoints with EDR agent. It doesn’t provide network visibility, and given the tremendous amount of data that is captured by an EDR tool, in-house security teams may become overwhelmed and leave their organization open to cyberattacks.

Managed EDR services are just one component of the Securus360 Managed eXtended Detection & Response (MXDR) solution. Securus360 MXDR provides all-inclusive network monitoring for end points as well as cloud instances, servers, network infrastructure and end user behavior – all on a single pane of glass for complete visibility to your organization with 24x7 monitoring by human cybersecurity analysts. This comprehensive cybersecurity solution utilizes a cloud native approach that combines machine learning, security automation and human intelligence to create a high speed and high touch defense solution that provides threat detection, threat hunting, auto-containment, security monitoring, incident analysis and full-service response.

Talk to the Securus360 Team

Your Corporate Cyber Protection Starts with Securus360. Request an Evaluation and Demo!