U.S. Dept. Of Homeland Security And The FBI’s Cybersecurity Issue New Advisory
Last week, the Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) released a joint Cybersecurity Advisory to warn organizations that Russian state-sponsored cyber actors have gained network access through exploitation of default multi-factor authentication (MFA) protocols and a known vulnerability.
One of the most important security practices to reduce the risk of intrusions remains MFA and every organization should implement it for all users.
The Advisory notes that now, more than ever, organizations must put their Shields Up to protect against cyber intrusions.
Actions that executives and leaders can implement to help protect against this Russian state-sponsored malicious cyber activity include enforcing MFA; reviewing configuration policies; ensuring inactive accounts are disabled uniformly across the active directory and MFA systems; and patching all systems, especially prioritizing known exploited vulnerabilities.
CISA and FBI encourage all organizations to be cognizant of this threat and encourage all organizations to review their Shields Up webpage to find recommended guidance and actions, and a technical webpage with guidance from CISA and the Joint Cyber Defense Collaborative (JCDC).