The U.S. Cybersecurity and Infrastructure Security Agency (CISA) distributed CISA Insights: “Implement Cybersecurity Measures Now to Protect Against Potential Critical Threats” to critical infrastructure stakeholders.
The CISA Insights release outlines a number of near-term, urgent steps that should be taken to harden systems against cyber threats. A copy of the CISA Insights release can be found here: https://www.cisa.gov/sites/default/files/publications/CISA_Insights-Implement_Cybersecurity_Measures_Now_to_Protect_Against_Critical_Threats_508C.pdf
The CISA Insights release is intended to complement recent CISA communications concerning Russian cyber threats to U.S. critical infrastructure. CSDA members may review this blog post for details on a recent CISA alert on this topic: Federal Cybersecurity Officials Issue Advisory for Critical Infrastructure Operators (csda.net)
From the CISA’s stakeholder communication accompanying the January 18 CISA Insights release:
This afternoon we released a CISA Insights titled “Implement Cybersecurity Measures Now to Protect Against Potential Critical Threats.”
The audience for this product is critical infrastructure owners and operators, business organizations, and state, local, tribal, and territorial governments of all sizes across the country. CISA Insights are intended to drive immediate action, with a focus on actions that could be implemented by most organizations in the next four weeks. This product complements the recent Russia-focused CSA, Understanding and Mitigating Russian State-Sponsored Cyber Threats to U.S. Critical Infrastructure, which remains the most comprehensive document for network defenders to protect against the ongoing cyber threat posed by Russian state-sponsored malicious cyber actors. Meanwhile, CISA is closely monitoring developments in Ukraine and will update stakeholders as appropriate.
…
All organizations, regardless of sector or size, should immediately:
- Reduce the likelihood of a damaging cyber intrusion.
- Take steps to quickly detect a potential intrusion.
- Ensure that the organization is prepared to respond if an intrusion occurs.
- Maximize the organization's resilience to a destructive cyber incident.
We are asking all organizations to report incidents and anomalous activity to CISA and/or the FBI via local FBI field office or the FBI’s 24/7 CyWatch at (855) 292-3937 or CyWatch@fbi.gov.
CISA also recommends network defenders review CISA's Russia Cyber Threat Overview and Advisories page for more information on Russian state-sponsored malicious cyber activity.