Citing the ongoing Russian-Ukraine conflict, the cyber, intelligence, and supply chain security division of the United States Chamber of Commerce held a special briefing to inform members of the critical need for businesses to immediately begin securing their critical cyber infrastructure.

The briefing held on Thursday March 4^th, emphasized the need for businesses to step-up their cyber security safeguards. The Office of the Director of National Intelligence (DNI) highlighted the danger posed by Russia’s cyber capabilities and their ongoing threat to critical United States cyber infrastructure. Russia continues to target critical US infrastructure and industrial control systems.

Though there are no current signs of an immediate Russian cyber-attack, the Cyber, Intelligence, and Supply Chain Security Division (CISCS) did not rule out future Russian cyber-attacks on U.S. economic institutions. The ongoing Russia-Ukraine Crisis should be a wake-up call for businesses to secure their cyber infrastructure.

CISCS provided a cyber security guideline (see below) that all businesses should adhere to safeguard their cyber infrastructure. This guideline is modeled after the Cybersecurity and Infrastructure Security Agency (CISA), the FBI, and the NSA to adopt a heightened state of awareness and to conduct proactive cyber threat hunting.

Top Cyber Preparedness Tips:

1. Raise awareness of the possibility of increased malicious activity with your employees.
2. Enable multifactor authentication for all internet-facing systems.
3. As a precaution, please consider resetting privilege/administrator passwords on all company devices.
4. Update all software patches now, don’t wait.
5. Verify your cyber incident response plans are up to date - Review, practice, and update your playbooks.
6. Consider moving a copy of your backups outside the area of increased threats depending on your regulatory requirements. Please check with your in-house legal teams before doing so.
7. Be prepared to block all traffic to/from areas with increased threats.
8. Prepare to lift and shift “crown jewels” such as IP, credit cards, financial systems etc. into the Cloud – where necessary and outside the region.
9. Prepare to increase the protection of your infrastructure against distributed denial of service attacks.

Resources:

1. US Chamber of Commerce – Ukraine Cyberattacks: What Businesses Need to Know
2. Cybersecurity and Infrastructure Security Agency - Understanding and Mitigating Russian State-Sponsored Cyber Threats to U.S. Critical Infrastructure
3. ComputerWeekly.com - Russia-backed advanced persistent threat likely to ramp up attacks
4. Director of National Intelligence: 2021 ANNUAL THREAT ASSESSMENT OF THE U.S. INTELLIGENCE COMMUNITY
5. Director of National Intelligence – Worldwide Threat Assessment