MAINE STATE CHAMBER OF COMMERCE
  • About Us
    • Connect with Us
    • Affiliates & Partners
    • Our Board
    • Meet the Team
    • President's Message
    • External Social Media Policy
  • Membership
    • Benefits of Membership
    • Join the Chamber
    • Return on Investment
    • Member Search
  • Public Policy
    • Public Hearings of Interest
    • Legislation of Interest
    • Public Policy Committees
    • Grassroot Resources
    • Find Your Legislator >
      • Representatives
      • Senators
  • Events
    • Calendar of Events
    • 2022 Annual Meeting
    • Sponsorship Opportunities
    • Business Day at the Statehouse
    • Board Meetings & Board Events
    • DC Fly-In
    • Legislative Social
    • Policy Issues Workshops
    • Regional Breakfasts
    • Scramble for Scholars
    • Webinars by The Maine State Chamber of Commerce
  • Initiatives
    • Campus Career Connect
    • Dream It. Do It.
    • Education Foundation
    • Keep Maine Competitive
    • Maine Economic Research Institute (MERI)
    • This is ME Counting on You
    • Senior Leaders of Tomorrow Development Program
  • Newsroom
    • COVID-19 Resources
    • Impact Newsletter
    • MSCC Blog
    • The Bottom Line
    • The Maine Take
    • Making Maine Work
    • MERI Roll Call
    • OneVoice Maine Magazine
    • Policy Brief Series with Educate Maine
    • Press Kit
  • Member Login

CISA, FBI, and NSA issue cybersecurity advisory on Russian cyber threats to U.S. critical infrastructure

1/11/2022

0 Comments

 
The Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), and the National Security Agency released a joint Cybersecurity Advisory (CSA), Understanding and Mitigating Russian State-Sponsored Cyber Threats to U.S. Critical Infrastructure. The CSA provides an overview of Russian state-sponsored cyber operations; commonly observed tactics, techniques, and procedures (TTPs); detection actions; incident response guidance; and mitigations. This advisory is being released to as part of our continuing cybersecurity mission with our interagency partners to warn organizations of potential cyber threats.

Additional Resources:
Picture
  • stopransomware.gov is a one-stop shop for learning about ransomware, accessing resources on how to respond to a ransomware attack, etc.
  • Report Ransomware | CISA – where to report a ransomware attack
  • CISA Cybersecurity Awareness Program Small Business Resources | CISA – resources for small businesses (there are a bunch of toolkit pdfs to choose from)

CISA, the FBI, and NSA encourage the cybersecurity community—especially critical infrastructure network defenders—to adopt a heightened state of awareness and to conduct proactive threat hunting. Additionally, we strongly urge network defenders to implement the CSA’s recommendations and mitigations, which will help organizations improve their functional resilience by reducing the risk of compromise or severe business degradation.

The CSA, which uses the MITRE ATT&CK® for Enterprise framework, version 10, includes technical details, including previously identified vulnerabilities known to be exploited by Russian state-sponsored APT actors for initial access. The three agencies strongly urge critical infrastructure leaders to take a few immediate actions, including:
  • Be prepared. Confirm reporting processes and minimize personnel gaps in IT/OT security coverage. Create, maintain, and exercise a cyber incident response plan, resilience plan, and continuity of operations plan so that critical functions and operations can be kept running if technology systems are disrupted or need to be taken offline.
  • Enhance your organization’s cyber posture. Follow best practices for identity and access management, protective controls and architecture, and vulnerability and configuration management.
  • Increase organizational vigilance. Stay current on reporting on this threat. Subscribe to CISA’s mailing list and feeds to receive notifications when CISA releases information about a security topic or threat.

For the complete list of immediate actions that include actions for improving functional resilience and incident response resources, executives and IT professionals should review this CSA in its entirety at https://www.cisa.gov/uscert/ncas/alerts/aa22-010a. Further, critical infrastructure organization leaders should review CISA Insights: Preparing for and Mitigating Cyber Threats for information on reducing cyber threats to their organization.
 
CISA encourages critical infrastructure executives and senior leaders to review the CISA Insights for guidance on proactively preparing their organizations for an incident. In addition, CISA encourages critical infrastructure organizations to take a closer look at themselves, their facilities, and their operations from the outside-in. Knowing how you may be exposed or targeted will help you to be better prepared (to act, collaborate, and report).
0 Comments

Your comment will be posted after it is approved.


Leave a Reply.

    Archives

    March 2023
    February 2023
    January 2023
    December 2022
    September 2022
    August 2022
    June 2022
    April 2022
    March 2022
    February 2022
    January 2022
    December 2021
    November 2021
    September 2021
    June 2021
    May 2021
    April 2021
    March 2021
    February 2021
    January 2021
    December 2020
    August 2020
    July 2020
    June 2020
    April 2020
    March 2020
    February 2020
    January 2020
    December 2019
    November 2019
    October 2019

    RSS Feed

Copyright Maine State Chamber of Commerce. All rights reserved.
 128 State Street | Suite 101 | Augusta, ME 04330-5630
 Phone: (207) 623-4568
For media inquiries, please contact Jen Webber, (207) 939-0213
For membership inquiries, please contact Mark Ellis. (207) 623-4568
  • About Us
    • Connect with Us
    • Affiliates & Partners
    • Our Board
    • Meet the Team
    • President's Message
    • External Social Media Policy
  • Membership
    • Benefits of Membership
    • Join the Chamber
    • Return on Investment
    • Member Search
  • Public Policy
    • Public Hearings of Interest
    • Legislation of Interest
    • Public Policy Committees
    • Grassroot Resources
    • Find Your Legislator >
      • Representatives
      • Senators
  • Events
    • Calendar of Events
    • 2022 Annual Meeting
    • Sponsorship Opportunities
    • Business Day at the Statehouse
    • Board Meetings & Board Events
    • DC Fly-In
    • Legislative Social
    • Policy Issues Workshops
    • Regional Breakfasts
    • Scramble for Scholars
    • Webinars by The Maine State Chamber of Commerce
  • Initiatives
    • Campus Career Connect
    • Dream It. Do It.
    • Education Foundation
    • Keep Maine Competitive
    • Maine Economic Research Institute (MERI)
    • This is ME Counting on You
    • Senior Leaders of Tomorrow Development Program
  • Newsroom
    • COVID-19 Resources
    • Impact Newsletter
    • MSCC Blog
    • The Bottom Line
    • The Maine Take
    • Making Maine Work
    • MERI Roll Call
    • OneVoice Maine Magazine
    • Policy Brief Series with Educate Maine
    • Press Kit
  • Member Login