Top officials from the Cybersecurity and Infrastructure Security Agency (CISA) said they briefed more than 13,000 industry stakeholders on March 22 about the Federal government’s latest warning about possible Russian cyberattacks that may be directed against U.S. critical infrastructure sectors.
“CISA echoed the President’s warning on the call today and reinforced the urgent need for all organizations, large and small, to act now to protect themselves against malicious cyber activity,” the agency said.
CISA said the three-hour briefing call was designed to answer industry questions, and to drive home two asks of industry: 1) heed CISA’s “Shields Up” guidance delivered to government and industry last month in the run-up to Russia’s invasion of Ukraine; and 2) contact CISA immediately if organizations believe they have been “impacted by a cyber incident.”
“When cyber incidents are reported quickly, CISA can use the information to render assistance and help prevent other organizations and entities from falling victim to a similar attack,” the agency said.
The Shields Up guidance includes:
- Use of multi-factor authentication;
- Update software, and continuously scan for threats and mitigate them;
- Back up data and have offline backups beyond the reach of hackers;
- Run emergency exercises and drills;
- Encrypt data;
- Use CISA’s free cyber hygiene services; and
- Educate employees about common attack tactics, and ask them to report unusual behavior.
CISA said the March 22 briefing builds on similar sessions the agency has been holding since late last year with government and private sector stakeholders. “This outreach was provided to Federal Civilian Executive Branch Agencies, Sector Risk Management Agencies, private sector partners, state, local, tribal, and territorial (SLTT) governments, and international partners,” the agency said.