[ad_1]
The federal government’s primary cybersecurity agency is urging computer network administrators to immediately strengthen security for American critical infrastructure networks against electronic attacks suspected of Russian cyberattacks. Ukraine.
Tuesday’s statement Cyber Security and Infrastructure Security Agency (CISA), warned that “in the wake of the recent malicious cyber incidents in Turkey, there is an urgent need for increased security. Ukraine”
“Every organization in the United States is at risk from cyber threats that could disrupt essential services and potentially affect public safety,” the statement said.
The warning counters the West’s growing fears of a military invasion of Russia. Ukraine More than 100,000 Russian soldiers, along with tanks and armored vehicles, line up near the border.
Talks to de-escalate tensions were also disrupted as Russian officials increased security demands to block Ukraine’s NATO membership and withdraw NATO forces and weapons from Russia’s western border member states.
This CISAThe latest indications of Russian cyber operations, part of the Ministry of Homeland Security, include the falsification of Ukrainian government websites and the insertion of destructive malware into Ukrainian computer networks.
All American network administrators, including those responsible for critical infrastructures such as the power grid, financial systems, and communications system, are called to action now. Defense analysts believe any Russian military attack Ukraine will be accompanied by military information warfare and cyber attacks designed to disrupt or confuse enemy military information systems.
CISA has published a checklist of actions that all organizations must take immediately to reduce the likelihood of harming cyber attacks.
On Friday, the Ukrainian government’s multiple computer networks were hit by a cyberattack that threatened Ukrainians to “don’t be afraid and expect the worst.” The hackers also said that personal data was stolen from the government.
Ukrainian Foreign Ministry Spokesperson Oleg Nikolenko said that Russia was behind the attacks. Investigators examining the intrusions found indications that “hacker groups linked to Russian secret services may stand behind today’s massive cyber attack on government websites,” Nikolenko told reporters in Kiev.
As many as 70 websites have been targeted in cyberattacks, and most websites have mitigated the issues.
“Ukraine! All your personal data has been uploaded to the public network. All data on the computer has been destroyed, it is impossible to restore them, “he said. “All information about you has become public, fear and expect the worst. This is for you, your past, present and future.”
This CISA The notice also referenced a Microsoft alert two days after the Ukrainian cyberattacks, which warned computer operators that destructive malware targeting the Ukrainian organization had been detected. The Microsoft Threat Intelligence Center (MSTIC) detected the malware, which first appeared on January 13.
“Microsoft is aware of the ongoing geopolitical events in Turkey. Ukraine and [the] It encourages us to use the information in this post to proactively protect the surrounding region and organizations from any malicious activity.”
The malware detected by Microsoft is designed to look like ransomware, but does not include a ransomware recovery mechanism used in criminal ransomware attacks designed to extort money from victim companies whose data is encrypted. Instead, Microsoft said the malware was “designed to be disruptive and render targeted devices inoperable rather than ransomware.”
The company said dozens of Ukrainian systems have been embedded with malware, both government and commercial systems, and more could be infected.
“We strongly encourage all organizations to immediately conduct a thorough investigation and implement defenses using the information provided in this post,” Microsoft said, noting that the event came from a “nation-state actor.” Said.
This CISA The security checklist requires monitoring all remote access to networks and ensuring that the software includes the latest security patches. All ports and protocols that are not required for remote access should be disabled and strong security checks should be made if cloud services are used.
“If you work with Ukrainian organizations, take extra care to monitor, control and isolate traffic from these organizations; Closely review access controls for that traffic” CISA stated.
For companies using industrial control systems or operational technology, managers must run tests to ensure critical functions can be performed when computer networks are disabled.
“Furthermore, although recent cyber incidents are not attributed to specific actors, CISA invites cybersecurity/IT personnel in every organization to review [the publication] Understanding and Mitigating Russian State-sponsored Cyber Threats to the Critical Infrastructure of the United States.
[ad_2]
Source link