White House intelligence indicates that Russia may be exploring options for potential cyber-attacks against US targets.
Evolving intelligence suggests that such an attack could be on the horizon as Russia looks to respond to the unprecedented sanctions the US has imposed following the outbreak of war in Ukraine.
Cyber attacks are seen as part of Russia’s playbook.
A statement released on 21 March by President Joseph Biden said, “If you have not already done so, I urge our private sector partners to harden your cyber defenses immediately by implementing the best practices we have developed together over the last year.”
He emphasized that organizations have the “responsibility to strengthen the cyber security and resilience of the critical services and technologies on which Americans rely”.
The Biden Administration will continue to deter, disrupt and, if necessary, respond to cyber-attacks against critical infrastructure but the statement noted that most of the US’ critical infrastructure is owned by private sector organizations.
Strengthening cyber security
The White House was keen to note that it has prioritized strengthening cyber security defenses “since day one”.
The Cybersecurity and Infrastructure Security Agency’s (CISA) Shields Up campaign was highlighted as an initiative that the Administration will continue to support in order to provide resources and tools to the private sector.
Through the Shields Up campaign the CISA has compiled a free catalog of services from government partners to help organizations identify resources for urgent security improvements.
Meanwhile, on 15 March President Biden signed a government funding bill into law that included the Strengthening American Cybersecurity Act (SACA) of 2022 which was passed by the Senate earlier in March.
Part of the Act mandates that critical infrastructure owners report cyber security incidents including ransomware attacks that have resulted in payment. The Act requires that companies report substantial cyber-attacks within 24 hours and ransomware attacks within 72 hours to the CISA.
The SACA also includes Federal Information Security Modernization Act of 2022 and the Federal Secure Cloud Improvement and Jobs Act of 2022.
Actions to take
The continued rhetoric surrounding an imminent cyber-attack by Russia encourages organizations of all sizes to act in order to bolster their cyber defenses.
Steps to do so include:
- Mandating the use of multi-factor authentication
- Deploying tools for continuous threat detection and mitigation
- Ensure systems are patched and protected against all vulnerabilities
- Back up data and ensure there are offline back ups
- Encrypt data
- Educate employees to common tactics that attackers will use over email or through websites