FINRA Alert: CISA Alert (AA22-110A) – Threats to Critical Infrastructure

BW Cyber wants you to be aware of a recent CISA alert (AA22-110A) – Russian State-Sponsored and Criminal Cyber Threats to Critical Infrastructure – sent by FINRA.

A recent alert from CISA – jointly by cybersecurity authorities of Australia, Canada, New Zealand, and the United Kingdom – advised that because of recent economic sanctions on Russia by the U.S., malicious cyber activity is inevitable.

The CISA alert is divided into two sections.

1. Section one provides an overview of the Russian actors and the state-sponsored organizations that are capable to carry out various types of cyberattacks.
2. Section two outlines the controls and effective practices firms should implement to prevent issues – steps your organization can take to prepare and respond with a proactive mindset when and if these attacks occur.

FINRA draws our attention to the second section outlining how organizations can prevent, prepare, and respond accordingly to a cyberattack. 

• Preventing Cyber Incidents:
  • Prioritize the application of software updates and security patching.
  • Implement strong access management procedures (adding, removing & reviewing access) across all systems including cloud systems.
  • Enforce multi-factor authentication (MFA).
  • Implement network segmentation to separate network segments based on role and functionality.
  • Provide cybersecurity end-user awareness and training.
• Preparing for Cyber Incidents:
  • Create, maintain, and test an incident response plan. Preserve a hard copy of the plan.
  • Maintain encrypted and immutable offline backups.
  • Ensure adequate logging and monitoring capabilities in support of incident investigations.
• Responding to Cyber Incidents:
  • Activate and follow your incident response plan.
  • Immediately isolate all infected systems.
  • Engage third-party expertise and report to appropriate law enforcement or regulatory bodies.

For more information on how BW Cyber, LLC can assist you, please contact us at info@bwcyberservices.com.

RESOURCES:

• CISA Source: https://www.cisa.gov/uscert/ncas/alerts/aa22-110a
• BW’s Managed Detection and Response – https://www.bwcyberservices.com/services/managed-detection-response/
• BW’s Incident Response and Forensics – https://www.bwcyberservices.com/services/incident-response-forensics/
• BW’s Cybersecurity Risk Assessment – https://www.bwcyberservices.com/services/cybersecurity-risk-assessment/