Russian actions spur ‘shields-up’ warning from U.S. cybersecurity agency

As the Russian invasion of Ukraine continues, experts are urging American businesses to double down on their cybersecurity protocols.

“The reason why there are these bulletins coming out, especially directed at small and medium-size businesses, is that we have learned the hard way about the fragility of the global supply chain,” says Theresa Payton, a former White House chief information officer under George W. Bush, as reported by Inc.

In mid-February, the Cybersecurity and Infrastructure Security Agency, a federal agency that seeks to improve cybersecurity readiness, issued a “shields-up” warning, urging organizations to reduce their chances of a cyberattack and ensure they’re prepared for a breach. Given how interconnected the world is, cyberattacks against Ukraine could reach U.S. systems, Payton says.

While assessing unusual behavior and shoring up your crisis-response team may be standard safeguards, Payton adds a few other tips, including:

Look out for DDoS attacks: If you operate as a retailer or your website is how third parties connect with you, talk to your technology services provider to learn about the protective measures they have in place.

Close side doors: Businesses should manage their logs and keep a close eye on files and other data that’s being copied, moved, zipped, or sent outside of an organization.

Roll out the encrypted backups: Make sure systems are backed up and encrypted, and keep backups separate from network connections.

Double-check MFA: Even if you’ve rolled out multifactor authentication and strong passwords, now is the time to double-check them. Businesses can check their systems on their own, but organizations may also ask an internal or external team to conduct an assessment. Russian cyber operatives are good at guessing passwords, Payton says. Read the full story from Inc.