720-891-1663

Return to list of client alerts

CISA Urges US Orgs to Prepare for Data Wiping Attacks Like Ukraine

Whether the Ukraine attacks this month were run by Russia or Belarus, the results are the same. Websites were defaced and data-wiping malware was deployed to corrupt devices and make them unusable.

Authorities are looking at several possibilities for the source of the attacks including supply chain attacks, stolen credentials, Log4j vulnerabilities and other methods.

CISA is telling U.S. businesses to take aggressive steps to reduce the likelihood of being the next victim.

With relations between the U.S. and countries like Russia and China being strained, it is not a big stretch to think that those and other adversaries might think, “hmm, that looks pretty easy and effective, let’s do that”.

Among CISA’s recommendations are:

  • Ensure that all, repeat all, remote access and privileged or administrative access requires two factor authentication.
  • Ensure that all known vulnerabilities are patched. This means computers, phones and all applications.
  • Confirm that all unneeded ports and protocols to the company’s networks and systems are disabled.
  • Implement strong security controls for any cloud services. CISA has released guidelines for this too.
  • If you are eligible, sign up for CISA’s free cyber hygiene services (typically this means government at some level or critical infrastructure).

CISA also made recommendations on how to quickly detect a potential intrusion and how to maximize the organization’s resilience to destructive attacks. Credit: Bleeping Computer

If you need help, please contact us.