The Cybersecurity and Infrastructure Security Agency (CISA) has warned organizations working with Ukranian counterparts to isolate and inspect traffic from the region following this month's attacks on government networks there.
The Department of Homeland Security's cyber security unit made the recommendation in a CISA Insights document published earlier this week.
"If working with Ukrainian organizations, take extra care to monitor, inspect, and isolate traffic from those organizations; closely review access controls for that traffic," the document said.
IT personnel should be on the lookout for unusual network behavior, and organizations should have crisis response teams at the ready to handle cyber security incidents, CISA advised.
It has also urged companies to conduct tabletop exercises so that all team members understand how to quickly carry out their roles during an incident. It's also important to test backup procedures, it said.
CISA warned companies to patch software, introduce multi-factor authentication for all privileged systems, and disable non-essential ports and protocols. IT departments should review CISA's controls for securing cloud services, it added.
The agency warned about destructive malware in the Ukraine last week after Microsoft blogged about the use of Master Boot Record (MBR) wipers targeting government agencies there. The malware executes when victims power down the device and destroys all files, it said, leaving a ransomware note that serves as a ruse rather than a real demand.
This followed an earlier advisory in which CISA explained how Russian state-sponsored cyber threats were targeting US critical infrastructure.
Ukrainian officials believe the cyber attacks against the Ukraine to be of Russian origin. Microsoft also warned late last week that the full scope of the attacks might not yet be known. Embassies in the UK, the US, and Sweden were also targeted.
Tensions in the area have grown considerably in the last few days as the US warns that a Russian invasion of Ukraine is probable. This is not the first time that the country would have attacked the Ukranian cyber infrastructure. It is also believed to be the culprit in an attack on the region's electrical grid in 2015.
-
Using WinRAR? Update now to avoid falling victim to this file path flawNews WinRAR users have been urged to update after a patch was issued for a serious vulnerability.
-
Amazon CEO Andy Jassy doubles down on the company's AI focusNews Amazon CEO Andy Jassy thinks companies need to "lean into" AI and embrace the technology despite concerns over job losses.
-
Network DDoS attack protectionWebinar Protect your network infrastructure, data centers, and public cloud services against DDoS attacks
-
Securing Europe: Cloudflare's cyber security solutions for Public Sector resilienceWebinar Enhance your privacy and security with a DDoS mitigation system
-
The retail detail: Unveiling peak season Internet trendsWebinar Equipping you with ideas to help with your 2024 retail strategy
-
Automate your API security, resilience, and compliancewebinar APIs make the world go round
-
Azure VMWare Solution partner seriesWebinar How to unlock the value of Azure VMWare Solution for your organization
-
Unlocking cloud valueWhitepaper The case for network modernization
-
Solving the cloud-native app puzzle with CNAPPWhitepaper The value of integrating cloud-native application protection into security and development
-
Prioritize zero trust for better cloud securityWhitepaper Working together to enable a zero trust approach
