FBI, CISA advise 13,000 orgs to have 'low threshold' for reporting cyberattacks
The Cybersecurity and Infrastructure Security Agency (CISA) held an informational call with 13,000 organizations on Tuesday night, highlighting the need for them to be prepared in light of U.S. government concerns about threats of a potential Russian cyberattacks.
“There is evolving intelligence that Russia may be exploring options for potential cyberattacks against the U.S.,” CISA director Jen Easterly told those on the call.
She noted that government bodies are focusing their efforts on notifying and helping protect organizations in what she called “lifeline sectors.” These sectors include communication, transportation, energy, water, and financial services, according to Easterly.
The three-hour call also included detailed information from CISA deputy executive assistant director for cybersecurity Matt Hartman and FBI deputy assistant director for the cyber division Tonya Ugoretz.
Hartman noted that CISA has seen threats to the satellite communication networks of the US and other NATO members.
The officials urged companies to visit CISA’s Shields Up website and take a range of measures to protect themselves including mandating multi-factor authentication, updating software, having back ups, running emergency training exercises and encrypting data.
They also urged organizations to notify them in the event of any signs of compromise, with Ugoretz specifically saying there should be a “low threshold for reporting suspicious activity to us.”
Ugoretz noted that the FBI believes there is also a heightened threat for ransomware attacks targeting critical infrastructure, either in support of the Russian government or to “take advantage of an even more permissive operating environment than usual.”
The call featured nearly two hours of questions from local governments, school officials, companies and other organizations questioning CISA’s guidance and what defenders should be on the lookout for.
The event came hours after CNN and CBS reported that the FBI sent out a bulletin to five US energy companies and 18 other companies about “abnormal scanning” being conducted by 140 overlapping Russian IP addresses.
On Monday, the White House held a press conference and released a statement warning that Russia is in the process of “exploring options for potential cyberattacks” as a response to the sanctions handed down by the U.S. and other countries since the invasion of Ukraine began.
The United Kingdom later echoed that message but said they had not seen “specific, targeted threats to the U.K. resulting from Russia’s illegal invasion of Ukraine.”
Russia has so far refrained from launching the kind of destabilizing cyberattacks on the US and other Ukrainian allies that some predicted at the start of the Ukraine invasion, instead opting for DDoS attacks, website defacements and more targeted specifically at Ukraine’s government.
Jonathan Greig is a Breaking News Reporter at Recorded Future News. Jonathan has worked across the globe as a journalist since 2014. Before moving back to New York City, he worked for news outlets in South Africa, Jordan and Cambodia. He previously covered cybersecurity at ZDNet and TechRepublic.