The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is urging increased vigilance one year after Russia's invasion of Ukraine. The agency is warning that cyberattacks from Russia and other foreign adversaries remain a serious threat to the United States.
In a recent statement, the agency says:
"CISA assesses that the United States and European nations may experience disruptive and defacement attacks against websites in an attempt to sow chaos and societal discord on February 24, 2023, the anniversary of Russia's 2022 invasion of Ukraine. CISA urges organizations and individuals to increase their cyber vigilance in response to this potential threat.
In response to the heightened geopolitical tensions resulting from Russia's full-scale invasion of Ukraine, CISA maintains public cybersecurity resources, including Shields Up—a one-stop webpage that provides resources to increase organizational vigilance and keep the public informed about current cybersecurity threats."
The agency's warning comes as tensions between the United States and Russia remain high, with both countries engaging in cyber warfare against each other. The Biden administration has pledged to take a tougher stance on Russia and has already imposed sanctions on Russian entities and individuals for cyberattacks, including the notorious TrickBot gang.
CISA is responsible for protecting the nation's critical infrastructure from cyber threats, and has been working closely with other government agencies and private sector partners to improve the country's cybersecurity posture. The agency's warning highlights the need for continued cooperation and collaboration between government and industry to defend against foreign cyber threats.
So, what lessons can be learned from Russia's invasion from a cybersecurity prospective? Mike Heredia, Vice President, EMEA & APAC, at XM Cyber, discusses with SecureWorld News:
"We need to think differently. The traditional model of building long siloed lists of exposures and technical weaknesses, prioritizing based on CVSS and other scoring mechanisms, and then and trying to plug these gaps is not scalable nor is it efficient. Annual or half-yearly penetration tests are not fit for purpose.
Organizations need a continuous view of how critical infrastructure can be attacked and what are the most efficient steps that can be taken to eradicate this risk on a day to day and week to week basis. Compliance standards and national security frameworks need to evolve FAST; organizations need to be mandated to have a continuous attack simulation that shows how the internal attack surface can be traversed by attackers given the latest attack techniques that can be used.
Defenders of dynamic, large, and complex critical infrastructure need to have constant visibility of exactly how an attacker can create the exploitable attack paths that will ultimately lead towards the compromise of critical systems."
As the United States continues to face these threats, it is essential that organizations remain vigilant and take proactive steps to defend their networks. This includes implementing robust cybersecurity measures, conducting regular vulnerability assessments, and staying up to date on the latest threats and attack techniques.
Follow SecureWorld News for more stories related to cybersecurity.
