Last week U.S. officials issued a warning of potential cyberattacks due to the Russia/Ukraine conflict. All U.S. organizations are at risk of a cyberattack because of two reasons:
Malware designed in Russia against Ukraine may spill over to affect U.S. entities
Russia could target U.S. organizations in retaliation for U.S. sanctions against them.
To better protect your organization from these expected attacks:
Ensure your systems are patched against known vulnerabilities. Check the CVE or CISA Known Exploited Vulnerabilities Catalog for critical patches.
Check for existing threats in your network using endpoint detection or threat hunting tools.
Configure your intrusion detection and intrusion protection systems to detect suspicious activity.
Ensure your firewall is properly configured.
Ensure you have multifactor factor authentication (MFA) deployed and in use. This is especially important for internet-facing logins.
To learn more about better securing your organization, contact the DIG.