On Monday, The White House warned the U.S. business community that Russia could be planning to launch cyberattacks against critical U.S. infrastructure and U.S. companies.
The U.S. has been warning about Russia’s cyberattack capabilities and their potential, but President Biden revisited the message this week, saying in a statement that “evolving intelligence” indicated Russia is “exploring options for potential cyberattacks” in response to U.S. sanctions against Russia over its invasion of Ukraine.
While U.S. intelligence has not identified a specific attack approaching, it feels the possibility is ripe. Deputy National Security Adviser for Cyber and Emerging Technology Anne Neuberger called for companies to be on watch and secure their systems.
Cybercriminals linked to Russia have launched several cyberattacks affecting the U.S. recently, including the ransomware attack on Colonial Pipeline, which led to gas shortages on the East Coast in May, and the attack on meat processor JBS a few weeks later.
Potential upcoming Russian cyberattacks can range from broader efforts to affect our infrastructure or financial systems, to more localized attacks on companies in the form of ransomware, phishing, and hacking.
In a statement published Monday on its whitehouse.gov website, the White House urged companies to “execute the following steps with urgency”:
- Mandate the use of multi-factor authentication on your systems to make it harder for attackers to get onto your system;
- Deploy modern security tools on your computers and devices to continuously look for and mitigate threats;
- Check with your cybersecurity professionals to make sure that your systems are patched and protected against all known vulnerabilities, and change passwords across your networks so that previously stolen credentials are useless to malicious actors;
- Back up your data and ensure you have offline backups beyond the reach of malicious actors;
- Run exercises and drill your emergency plans so that you are prepared to respond quickly to minimize the impact of any attack;
- Encrypt your data so it cannot be used if it is stolen;
- Educate your employees to common tactics that attackers will use over email or through websites, and encourage them to report if their computers or phones have shown unusual behavior, such as unusual crashes or operating very slowly…
As you know already, no one can be 100% protected from 100% of the possibilities 100% of the time…but…forewarned is forearmed.
And being forearmed can make a huge difference. As a client of wedoIT, we already have several systems in place to offer protection. Those include:
- Realtime ransomware monitoring
- On-site and off-site backups that are tested every 24 hours
- Email cloud backups
- Endpoint detection and response protection
- Routine cloud-based software and security updates
What more can YOU do?
- The main thing is to be extra aware and extra vigilant, both on a corporate level and an individual level.
- Never open suspicious links you receive in emails.
- Double-check the sources of the emails you receive and beware of counterfeits. Screen your emails for authenticity. Don’t click on anything that looks suspicious.
- Back up all your data on a regular basis.
- If you experience a problem, hands off the keyboard and on the phone. Don’t try to troubleshoot yourself. Contact us right away so we can help.
- Discuss cybersecurity with your staff. Communicate with them regarding what to watch out for and what to do in the event of a problem.
If you have any questions about protections we have in place and how they work, developing a specific disaster recovery plan for your organization, staff training, or any questions about the situation, please don’t hesitate to contact us.