U.S. Infrastructure Operators Urged To Harden Security Immediately
The Biden White House this week warned that U.S. "critical infrastructure" operators should "harden their cyberdefenses immediately" against possible Russian attacks.
The message repeated warnings made in similar White House communications back in November, presaging Russia's attack on Ukraine. Now, however, "evolving intelligence" suggests that "the Russian Government is exploring options for potential cyberattacks" on U.S. infrastructure, the March 21 White House statement indicated.
Steps To Take
The security hardening steps organizations should observe are summarized in this "Fact Sheet" statement that accompanied the White House warning.
In short, the White House wants organizations to use "multifactor authentication," a secondary means of verifying identity besides a user name and password, while taking care to avoid misconfigurations. Network systems should be patched and protected. Organizations should use tools to detect and address threats.
Organizations also should have "offline backup" systems in place that can't be reached by attackers. Data should be encrypted to make it useless to attackers.
Organizations should conduct drills to test their emergency response plans in case an attack happens. Employees should be educated on common attack methods that can occur via e-mail or Web sites.
Organizations should reference CISA and FBI Web sites for technical information and resources.
The White House "Fact Sheet" also appealed to software makers to build security into their products from the beginning. They should isolate the systems on which their software is built to prevent tampering, and use automated code-review tools to detect and fix vulnerabilities. Software makers should also use a "software bill of materials" to keep track of the software components they use, including open source code.
Private Sector Ownership
The White House made its appeal to critical infrastructure operators, such as pipeline, water and electricity utility operators, with the understanding that a lot of that infrastructure isn't wholly under federal government control.
"Most of America's critical infrastructure is owned and operated by the private sector and critical infrastructure owners and operators must accelerate efforts to lock their digital doors," the statement indicated.
The White House appeal has precedent. In May of last year, privately owned Colonial Pipeline's operations were disrupted by a ransomware attack. The attack temporarily disrupted about 45 percent of fuel supplies to the U.S. East.
Following the Colonial Pipeline attack, CISA (Cybersecurity and Infrastructure Security Agency) and the FBI issued similar advice on what infrastructure operators should do to harden security.
Kurt Mackie is senior news producer for 1105 Media's Converge360 group.