The recent statement from the Biden Administration that includes the following, “..based on evolving intelligence that the Russian Government is exploring options for potential cyberattacks,” we must harden our defenses and be on heightened alert.
Tensions are rising between Russia and the rest of the world and as a result, the U.S. critical infrastructure is under increased threat. These malicious cyberattacks can impact the lives of millions of citizens, causing disruption and significant operational downtime in lifeline services such as water, power, healthcare services, and supply chains.
The Biden Administration has already mandated extensive cybersecurity measures for the Federal Government and critical infrastructure sectors. These include Executive Order 14028 – a government-wide effort to ensure that baseline security practices are in place to migrate the Federal Government to a Zero Trust architecture (ZTA) and realize the security benefits of cloud-based infrastructure while mitigating associated risks.
Now, the White House is reiterating its warnings and calling upon the private sector to work alongside government agencies and implement best practices to harden the cybersecurity of our nation’s critical infrastructure. The Cybersecurity & Infrastructure Security Agency (CISA) is helping with its Shields Up initiative that provides a repository of advisories, guidance, services, and best practices. Among CISA’s recommendations are to initiate active threat hunting in your environment and to monitor for unusual OT behavior. CISA has been proactive in communicating the state of concern and recommending actions which will put agencies and organizations in a more resilient posture. The most recent CISA Alert (AA22-083A) regarding TTP’s of indicated State-Sponsored Russian Cyber Actors Targeting the energy Sector highlighted ICS Best Practices that include a few key elements:
Due to the explosion of digital assets in the past few years, many private and public sector organizations experience a “visualization gap” where IT and security leaders can’t see all the vulnerable assets within their environment. Continued migration to the cloud, the move to mobile and BYOD, the convergence of IT/OT/IoT, and the sharp increase in remote working have changed how organizations must approach cybersecurity. They can no longer depend on conventional perimeter-based or identity-based defenses alone to protect critical systems and data.
Operational silos have developed between cybersecurity, physical security, supply chain security, product security, health, and safety systems. These create multiple attack surfaces that bad actors exploit, often leveraging vulnerable IT assets to disrupt OT systems. Even if an organization isn’t the direct target of a cyberattack, these attacks may spill to other areas, networks and devices might be affected or have vulnerable devices co-opted into botnets and used as part of a more extensive DDoS cyberattack against critical infrastructure targets.
To answer this call to action and protect our critical infrastructure, organizations need to shore up their cybersecurity postures to withstand these cyberattacks with clear visibility into their risks, interconnected assets, IT governance, and response plans. A single source of truth can provide an accurate picture of everything in their environment.
We work with public and private sector customers and partners to close the IT/OT visualization gap and provide situational awareness of every asset so that our national infrastructure is protected. We enable organizations to protect against cyberattacks by giving them a way to see and secure all IT, OT, IoT, IoMT, virtual, cloud workloads, software, managed and unmanaged assets. Full visibility and intelligence about your assets gives you the Situational Awareness needed for an effective and resilient cybersecurity framework.
Check out our Solutions Brief to learn more about how we can help with a structured defense-in-depth response plan, or visit our resource page at: https://www.armis.com/russian-cyberattacks/.
Sign up to receive the latest news