Skip to Main Content

CISA Urges Mitigation After White House Warns of Russian Cyber Incidents

There are special tools to help organizations protect their infrastructures from malicious Russian cyber activity.

7m read
Written by:
CISA Director Jen Easterly discusses defense efforts at Fortune's Brainstorm Tech conference
CISA Director Jen Easterly discusses defense efforts at Fortune's Brainstorm Tech conference in December 2021. Photo Credit: Nick Otto / CC BY-NC-ND 2.0

The Cybersecurity and Infrastructure Security Agency (CISA) is calling on all organizations big and small to take immediate action in guarding their networks against possible cyberattacks by Russia.

Last week the Biden-Harris Administration issued a warning that Russia may engage in malicious cyber activity as a result of the recent economic sanctions imposed by the U.S. following the Russian invasion of Ukraine.

According to CISA Director Jen Easterly, every business and entity should consider themselves at risk and be prepared for a possible cyber incident.

CISA, along with other federal agencies such as the Department of Energy (DOE) and the FBI, recently participated in a call providing an overview of the current cyber risk landscape. CISA encouraged everyone to take the necessary steps to keep their networks safe.

Organizations can help limit damage and prevent further attacks when they report cyber incidents quickly, the agency said.

“Resilience is crucial — I’m encouraging everyone to be prepared to respond so we can recover rapidly by assuming disruptive cyber activity will occur,” Easterly said.

CISA leaders also encouraged organizations to visit its Shields Up website for guidance and specific tools to help defend networks.

Matt Hartman, deputy executive assistant director for cybersecurity at CISA, wants everyone to understand the key message: now is not the time to let down our collective guard.

“Everyone should do their part to bolster their cybersecurity posture. Invest as much as you can to build up your technology capacity to prevent incidents,” Hartman said.

CISA has advised every organization to do the following:

  • Actively hunt for Russian malicious actors on your network
  • Secure credentials
  • Take note of unexpected equipment behavior, such as unexpected reboots
  • Encrypt your data so it cannot be used if it is stolen

CISA, DOE and the FBI collectively released a cybersecurity advisory describing how a group of indicted Russian cyber actors launched several intrusion campaigns targeting the U.S. and international energy sector organizations from 2011 to 2018.

In addition to unsealed indictments from the Justice Department, the advisory outlined the cybersecurity efforts involved with the Havex and TRITON malware incidents in 2013 and 2019, respectively.

This latest advisory drills home concerns about malicious Russian cyber actors threatening critical infrastructure networks.

“In light of the indictments announced today and evolving intelligence that the Russian government is exploring options to conduct potential cyberattacks against the U.S., CISA, along with our FBI and DOE partners, is issuing this joint advisory to reinforce the demonstrated threat posed by Russian state-sponsored cyber actors,” Easterly said. “While the intrusions highlighted in this advisory span an earlier period of time, the associated tactics, techniques, procedures and mitigation steps are still highly relevant in the current threat environment. We urge all organizations, large and small, to carefully review this advisory, as well as visit www.cisa.gov/shields-up for regularly updated information on steps, you can take to protect yourself and your business.”

Related Content
Woman typing at computer

Stay in the know

Subscribe now to receive our curated newsletters

Subscribe