We ended 2021 actively monitoring and responding to the Log4j vulnerability, which presented new opportunities for hackers to access systems and potentially impacting businesses and organizations across the country. Like many previous cyber events, the interest has faded but the US government is urging organizations to shore up defenses now in response to the increasing number – and sophistication – of attacks.
According to an article from ZDNet,
“The US Cybersecurity and Infrastructure Security Agency (CISA) has published a new 'CISA Insights' document aimed at all US organizations, not just critical infrastructure operators. The checklist of actions is CISA's response to this week's cyberattacks on Ukraine's systems and websites, which the country's officials have blamed on hackers linked to Russian intelligence services.”
Ukraine officials have revealed that dozens of systems in at least two government agencies were wiped during a recent attack.
Prior to the latest cyberattacks on Ukraine, CISA published an advisory aimed primarily at US critical infrastructure operators detailing recent Russian state-sponsored hacker tactics, techniques, and attacks on enterprise systems such as VPNs, Microsoft Exchange, VMware, Oracle software. It also spotlighted destructive attacks on operational technology (OT)/industrial control systems (ICS) networks in the US and Ukraine.
The ZDNet article shares,
“The new CISA document stresses that ‘senior leaders at every organization in the United States are aware of critical cyber risks and take urgent, near-term steps to reduce the likelihood and impact of a potentially damaging compromise.’ It added ‘If working with Ukrainian organizations, take extra care to monitor, inspect, and isolate traffic from those organizations; closely review access controls for that traffic.’”
One of CISA’s leading recommendations is to adopt multi-factor authentication and to disable all non-essential ports and protocols, implement controls for using cloud services, and conduct vulnerability scanning. CISA also recommends creating a crisis response team that regularly prepares and trains for an event.
As we have shared in previous articles, credit unions need to have a team that includes internal IT as well as experienced partners who can act as “threat hunters” monitoring, responding, patching and locking down vulnerable systems. This type of response is required in today’s active threat environment. Organizations can no longer rely on services that just scan and report – more investigation and manual intelligence, combined with expertise, tools and dedicated time to fight these threats are required for protection.
Credit unions are responsible for member data and the purview of accountability is much broader than it has ever been. In a recent article published in CUInsight we shared 5 ways organizations can prepare for a cyber attack to reduce impact and increase speed of recovery.
What are 5 things you can do today?
Backups – when your organization is breached, you will lose assets so it is imperative to have strong back-up systems that are frequently tested and verified
EDR platform – as a business, you need strong antivirus protection – off the shelf products are not sophisticated enough
Multifactor authentication – weak passwords are an easy access point for attackers. Organizations need to encourage the creation of strong passwords and multifactor authentication
Email security – employees need to be trained on how to identify suspicious emails and what to do if they think they received one
Testing – testing the system and the protections in place along with the plan for responding to a breach are critical to ensuring the team and all affected employees know how to respond – like a fire drill
Hackers are attempting to break into networks constantly – the threats are only going to get worse. The silence of these threats makes it easy for leaders to overlook their importance.
Now more than ever, credit unions need to recognize cyber threats as a very real and immediate risk, and build a team of experts and partners who can proactively and vigilantly monitor and protect your assets and members.
Take the next step.
No matter the size or reach of your financial institution, it is critical for your organization to have a reliable, secure, and intuitive data backup and recovery solution in place to protect your data, your business, and your brand.
Fortunately, you don’t have to approach this process alone. Think|Stack is a trusted advisor to many banks and credit unions and is ready to share our team’s knowledge with your business to kick-start your backup and recovery solution.
So if you are looking for a partner with the experience, industry knowledge, and vendor relationships to help find the best enterprise data backup and recovery solution for your business, then contact the team at Think|Stack today.
We also would like to share our resource, “Cybersecurity Framework: Compliance and Protection 101,” with you, which is available for download here.
About the Author
Chris Sachse, CEO
Chris started Think|Stack in 2011 to serve organizations who serve their communities. Chris saw the important role tech and cybersecurity played in the financial services space. For over a decade Chris and his team have made it their mission to support, secure and empower credit unions to innovate through continuous technology improvement. He is an educator at heart and passionate about helping leaders and their teams understand how technology can support their goals while delivering seamless, enjoyable technology experiences to their people. As a cloud and cybersecurity leader, Chris is proud to sit on the MD Governor's Workforce Development Board as Vice Chair as well as the Cybersecurity Association of MD as Chair.