Update on Cybersecurity Concerns Related to Russia-Ukraine Conflict

Approximately two weeks ago we provided guidance for organizations concerned about cyber threats stemming from the Russia-Ukraine conflict. 

On Monday, 3/21, President Biden released a statement that suggested the threat level to US entities may have increased. Excerpt below (emphasis ours):

“I have previously warned about the potential that Russia could conduct malicious cyber activity against the United States, including as a response to the unprecedented economic costs we’ve imposed on Russia alongside our allies and partners. It’s part of Russia’s playbook. 

Today, my Administration is reiterating those warnings based on evolving intelligence that the Russian Government is exploring options for potential cyberattacks.”

Based on this new information, as well as our attendance on an open call with CISA and the FBI on Tuesday, 3/22, we advise all organizations to review the guidance provided by CISA via Shields Up | CISA and take any reasonable steps to address vulnerabilities of which you are aware. 

There are many recommendations from CISA, but a few are quite clear and consistent with guidance RoundTable has always provided:

1. Enforce MFA on all critical systems
• If this is not practical, prioritize MFA on remote access (VPN) accounts as well as administrative and other privileged accounts.
2. If you have any Internet facing systems, prioritize remediation of any known vulnerabilities.
3. CISA maintains a catalog of all known vulnerabilities commonly exploited by Russian and Russia-sympathizer cyber attackers. Search this catalog for any applications or hardware in your environment and remediate any discovered vulnerabilities as soon as you reasonably can. 

If you would like additional guidance or have questions, please contact us. We are happy to provide support and guidance and discuss your specific needs..