Last week, the Cybersecurity and Infrastructure Security Agency (CISA) held a three-hour call with over 13,000 industry stakeholders to provide an update on potential Russian cyber-attacks against the U.S. This call was scheduled after President Biden announced evolving intelligence reports indicate the Russian government is exploring options to conduct potential cyber-attacks against the United States. CISA officials asked that organizations lower their threshold for reporting unusual network activity to federal agencies. Although legislation has been introduced to make this type of reporting a requirement for critical infrastructure organizations, it could take years for it to go into effect. Industry leaders voiced their frustration on the call, telling CISA officials both the FBI and CISA ask them to report network intrusions, and although the information should be shared between the two agencies, industry leaders feel communication has broken down between federal agencies, state authorities and local governments. Industry leaders also voiced frustrations over classified information, stating that some information regarding cyber threats cannot be disseminated due to its level of classification by federal agencies. CISA director Jen Easterly stated that they would work to get information out to the appropriate level and declassify information as quickly as possible. Frustrated individuals on the call also stated that CISA has limited resources and requested more cybersecurity services to help proactively look for weaknesses in an organization’s defenses. Director Easterly agreed with the industry leaders and assured them they are working to provide everything they can to critical infrastructure organizations.
Analyst Notes
Bolstering cybersecurity resources has been discussed amongst the Biden administration since the President took office. The increased threat from Russia following their invasion of Ukraine has put these concerns in the spotlight. More resources and reporting requirements are now at the forefront of the Biden administration’s priorities. It still will take time for any changes to take effect and organizations must take it upon themselves to strengthen their defenses. Director Easterly encouraged organizations of all sizes to have their Shields Up to cyber threats and take proactive measures now to mitigate risk to their networks. They encouraged those on the call to visit CISA.gov/Shields-Up to take action to protect their organizations and themselves and urged all critical infrastructure providers to implement the mitigation guidelines enumerated on CISA.gov/Shields-Up, including:
• Mandate the use of multi-factor authentication on systems to make it harder for attackers to get onto systems
• Update software on computers and devices to continuously look for and mitigate threats
• Back up data and ensure the organization has offline backups beyond the reach of malicious actors
• Run exercises and drill emergency plans to be prepared to respond quickly to minimize the impact of attacks
• Encrypt data
• Sign up for CISA’s free cyber hygiene services
• Educate employees to common tactics that attackers will use over email or through websites, and encourage them to report if their computers or phones have shown unusual behavior, such as unusual crashes or operating very slowly
https://www.washingtonpost.com/politics/2022/03/28/public-gets-peek-into-tensions-between-us-cyber-officials-industry/
https://www.cisa.gov/news/2022/03/22/readout-cisa-call-critical-infrastructure-partners-potential-russian-cyberattacks
