IE 11 Not Supported

For optimal browsing, we recommend Chrome, Firefox or Safari browsers.

The Russians Are Coming, the Russians Are Coming!

In cyberspace, that is.

The other week, 60 Minutes had a segment on “Shields Up: U.S. officials preparing for potential Russian cyberattacks.”

This was followed by another warning from the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) that is quoted below in its entirety.

With the number of communications coming out of CISA on this issue, and even being mentioned by President Biden, all the indicators are that 1) attacks are ongoing, and 2) more attacks are coming. Don’t say you have not been warned!

“Critical Infrastructure Partners,

“The Cybersecurity and Infrastructure Security Agency (CISA), along with the Federal Bureau of Investigation (FBI), National Security Agency (NSA), Australian Cyber Security Centre (ACSC), Canadian Centre for Cyber Security (CCCS), National Cyber Security Centre New Zealand (NZ NCSC), and the United Kingdom’s National Cyber Security Centre (NCSC-UK) and National Crime Agency (NCA), with contributions from industry members of the Joint Cyber Defense Collaborative, announced a joint Cybersecurity Advisory on Russian state-sponsored and criminal cyber threats to critical infrastructure that could impact organizations both within and beyond Ukraine. It is the most comprehensive view of the cyber threat posed by Russia to critical infrastructure released by government cyber experts since the invasion of Ukraine in February.

“The advisory provides technical details on malicious cyber operations by actors from the:

  • Russian Federal Security Service (FSB),  
  • Russian Foreign Intelligence Service (SVR),  
  • Russian General Staff Main Intelligence Directorate (GRU), and  
  • Russian Ministry of Defense, Central Scientific Institute of Chemistry and Mechanics (TsNIIKhM).  

“It also includes details on Russian-aligned cyber threat groups and cybercrime groups. Some of these cybercrime groups have recently publicly pledged support for the Russian government and have threatened to conduct cyber operations in retaliation for perceived cyber offensives against Russia or against countries or organizations providing materiel support to Ukraine.

“The advisory recommends several immediate actions for all organizations to take to protect their networks, which include:

  • Prioritize patching of known exploited vulnerabilities; 
  • Enforce multifactor authentication; 
  • Monitor remote desktop protocol (RDP); and 
  • Provide end-user awareness and training 

“Because evolving intelligence indicates that the Russian government is exploring options for potential cyberattacks, the cybersecurity authorities are providing this robust advisory with several resources and mitigations that can help the cybersecurity community protect against possible cyber threats from these adversarial groups. Executives, leaders, and network defenders are urged to implement recommendations to prepare for and mitigate the varied cyber threats listed in the Cybersecurity Advisory here. This advisory updates joint CSA Understanding and Mitigating Russian State-Sponsored Cyber Threats to U.S. Critical Infrastructure.

“In addition to reviewing this new advisory, CISA encourages critical infrastructure executives and senior leaders to review our “Shields Up” webpage at www.cisa.gov/shields-up. Also, organizations should share information on incidents and unusual activity to CISA 24/7 Operations Center at report@cisa.gov or (888) 282-0870 and/or to the FBI via your local FBI field office or the FBI’s 24/7 CyWatch at (855) 292-3937 or CyWatch@fbi.gov.

“We appreciate you sharing this information and/or amplifying with your cybersecurity community. CISA and other partners are posting information about our joint advisory on their social media platforms.”
Eric Holdeman is a nationally known emergency manager. He has worked in emergency management at the federal, state and local government levels. Today he serves as the Director, Center for Regional Disaster Resilience (CRDR), which is part of the Pacific Northwest Economic Region (PNWER). The focus for his work there is engaging the public and private sectors to work collaboratively on issues of common interest, regionally and cross jurisdictionally.