The Department of Homeland Security oversees the U.S. CISA (Cybersecurity and Infrastructure Security Agency). The CISA's core values are Collaboration, Innovation, Service, and Accountability; these values are central to the essential work needed to stem an onslaught of cybersecurity attacks. This collaboration involves cooperation on cybersecurity matters between the private sector and the government. The goal is to build and maintain secure critical infrastructures to protect citizens.
As cybersecurity threats rain down on the USA and across the globe, the CISA has created the Shields Up website that provides a series of threat alerts and guidelines to protect organizations.
The world is up against an unprecedented onslaught of cyber-attacks. World events, including the Covid-19 pandemic and the war on Ukraine, have emboldened cybercriminals. In a recent address, President Biden warned companies that operate critical infrastructures of impending Russian-sponsored attacks.
Biden stated:
“...today my administration has issued renewed warnings that, based on evolving intelligence, Russia may be planning a cyberattack against us. And as I’ve said, the magnitude of Russia’s cyber capacity is fairly consequential, and it’s coming.”
This address comes on the heels of increasing cyberattacks: in 2021, an IDC report found that 37% of worldwide organizations were victims of ransomware; the FBI identified losses of over $43 billion due to Business Email Compromise between 2016 and 2021.
The CISA Shields Up initiative attempts to redress the balance by offering guidance on protecting against these attacks.
The CISA lays out its vision for a cyber-secure infrastructure by declaring, "Every organization—large and small—must be prepared to respond to disruptive cyber incidents." To help in this endeavor, the CISA Shields Up website offers a series of alerts, advisories, and best practices. In addition, Shields Up looks at a current and imminent threat profile and advises on how to protect against the cyber-threat. Some recent examples include:
This alert identifies an increase in cyber-threats targeting managed service providers (MSPs) and their access to client networks in the USA, U.K., Australia, Canada, and New Zealand. The threats focus on ransomware infection and cyber-espionage, with CISA offering a series of best practices to mitigate the risks to MSPs and customers. Cyber-threat prevention measures include anti-phishing, internet-facing services protection, and password defense.
This advisory gives an overview of Russian-sponsored cyber threats to critical infrastructures. This advisory is a collaboration between the United States, Australia, New Zealand, and the United Kingdom. It involves work with industry bodies via the Joint Cyber Defense Collaborative, which brings the public and private sectors together to tackle cyber-threats. The advisory focuses on four key defensive measures:
Another collaborative investigation involves the United States, Australia, Canada, New Zealand, and the United Kingdom. The research identifies the top cyber-threats to businesses. The resulting paper identifies the highest risk vulnerabilities to companies worldwide: this includes the Log4Shell vulnerability, several vulnerabilities in Microsoft Exchange Server, and Microsoft Office. Mitigations include:
Centralized patch systems.
Shields Up works by bringing the collective knowledge of industry and government together to tackle the thorny issue of increasing cyber-attacks. This is a vital strategy in a troubled world where war has crossed the chasm from purely physical-attacks to cyber-attacks. While each attack may have a complex profile, specific security measures are strongly recommended by the Shields Up advisories:
The CISA states, "Phishing is one of the top infection vectors for ransomware, and Russian state-sponsored APT actors have conducted successful spear-phishing campaigns to gain credentials of target networks." Therefore, employees need to know the tell-tale signs of phishing to prevent clicking on malicious links or downloading infected attachments. Success can be achieved by using behavior-driven security awareness training, allowing an organization to focus on specific poor security behaviors of an individual.
CISA recommends using spam filters to prevent phishing emails from entering employee inboxes. These filters should use advanced and intelligent mechanisms, including machine learning, to be effective against emerging phishing threats.
Cybercrime propagates through vulnerabilities in our I.T. systems. Therefore, organizations must keep software and firmware up to date and patch promptly: the CISA suggests a centralized patch management system to automate patching. CISA also suggests using vulnerability scanning to check across an expanded network of devices and apps.
The CISA holds a vulnerability catalog that security professionals can access to keep them aware of known security flaws.
CISA suggests enforcing the use of additional factors for authentication to apps. The agency also recommends good password hygiene measures such as not sharing or reusing passwords. Considering a Google survey that found 62% of people reuse passwords, this is wise advice.
Access control is a key preventative measure against cybersecurity attacks. Advisories include applying the principle of least privilege to prevent unauthorized access to sensitive web servers and data.
Preparing for a cyber-incident is also covered by the CISA, which recommends that organizations:
Cyber-attacks are out of control, but the CISA provides a way to fight back. By using the CISA Shields Up website and keeping up to date with the best practice advice offered in the alerts and guidance, a company can protect itself from the onslaught of threats in a troubled world.
Sign up for a FREE Demo of SafeTitan to learn how the solution works to add an additional layer of defense against security attacks.
Book Free Demo
A 2024 report highlights the soaring popularity of QR codes, with a 47% yearly usage surge. However, cybercriminals are exploiting this trend, targeting unsuspecting users with scams and malware infections due to...
Uncover the dangers of workplace password sharing and outdated practices. Learn about secure alternatives like shared mailboxes and permissions and explore modern security practices in this must-read blog.
Discover the risks of holiday phishing and fortify your defenses with TitanHQ's ICES solution, PhishTitan—read now to secure a safe and joyous festive season.
Sign-up for email updates...
