• About
  • Privacy Policy
  • Contact
Tech Newsday
  • Security
  • Future of Work
  • Mobility
  • Emerging Tech
  • Today’s News
No Result
View All Result
Tech Newsday
  • Security
  • Future of Work
  • Mobility
  • Emerging Tech
  • Today’s News
No Result
View All Result
Tech Newsday
No Result
View All Result
Home Security

US, Canada warn critical infrastructure providers of possible Russian cyber attacks

Howard Solomon by Howard Solomon
March 23, 2022
in Security
0 0
0

U.S. President Joe Biden is urging American providers of critical infrastructure, such as banks and energy companies, to be alert because of “evolving intelligence” that the Russian government is “exploring options for potential cyberattacks.”

“If you have not already done so, I urge our private sector partners to harden your cyber defenses immediately by implementing the best practices we have developed together over the last year,” he said in a statement.

“You have the power, the capacity, and the responsibility to strengthen the cybersecurity and resilience of the critical services and technologies on which Americans rely. We need everyone to do their part to meet one of the defining threats of our time — your vigilance and urgency today can prevent or mitigate attacks tomorrow.

He also released a list of things firms should do now, including mandating the use of multi-factor authentication on IT systems.

In response to questions from ITWorldCanada, a spokesperson for the Canadian Centre for Cyber Security, which advises the private sector, said it isn’t aware of any current specific threats to Canadian organizations in relation to events in and around Ukraine.

However, the spokesperson added, “there has been an historical pattern of cyber attacks on Ukraine having international consequences, such as the malware known as NotPetya in 2017. This is why we have issued unclassified threat bulletins reminding Canadian critical infrastructure operators and defenders to be aware of the risks and take mitigations against known Russian-backed cyber threat activity.

“Now is the time to take defensive action and be proactive in network monitoring and applying appropriate mitigations.”

The spokesperson said the Centre has been in touch with critical infrastructure partners “over the past several weeks to provide briefings on the Canadian cyber threat environment.”

In a press briefing Monday, U.S. deputy national security advisor for cyber Anne Neuberger said the President’s public warning follows classified briefings held last week with 100 select companies on “preparatory” work for cyber attacks it recently has seen. She wouldn’t detail what that evidence was.

She did say the classified meetings with the companies were ones Washington thinks might be affected, and included sharing resources and threat intelligence to help them harden defences. The offer included hands-on support from the FBI.

This is part of an effort including classified and unclassified briefings with firms that started last fall, she added, as well as cybersecurity orders directly given by federal agencies to companies. For example, she said, the Transportation Safety Agencies gave certain orders to pipeline companies after the ransomware attack last year on Colonial Pipeline. There have been what she called significant improvements.

“Notwithstanding these repeated warnings, we continue to see adversaries compromising systems that use known vulnerabilities for which there are patches. This is deeply troubling. So we’re urging today companies to take the steps within their control to act immediately to protect the services millions of Americans rely on and to use the resources the federal government makes available.”

Related
Six quick tactics to blunt a cyber attack from Russia – or any nation state

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has a regularly updated list of known vulnerabilities that hackers commonly use, most of which have patches available.

Failing to patch makes it easier for hackers, she said. “Lock your digital doors,” she urged companies. “Make it harder for attackers.”

“Preparatory activity” could include scanning websites or looking for IT vulnerabilities, she said. “We’ve given a number of threat warnings over the last number of weeks that Russia could consider conducting cyber attacks in response to the significant economic costs the U.S. and partners have put on Russia” for invading Ukraine. “The latest intelligence “speaks to evolving threat intention and a potential shift in intention to do so.”

“To be clear,” Neuberger added, “there is no certainty there will be an incident on critical infrastructure. But because of evidence of preparations the government has seen, it wants to urge critical infrastructure providers to pick up the pace of their work. “This is a call to action and a call to responsibility for all of us,” she said.

The U.S. and Canada largely have the same list of industries that fit into the definition of critical infrastructure. In Canada the list appears shorter because industries are folded into one heading (for example, energy producers). On the U.S. side the list separately enumerates dams, chemical producers, communications providers, emergency services providers, the financial sector, governments at all levels, IT producers, transportation firms, nuclear reactors, water producers, the healthcare sector, food providers, critical manufacturers, the defence sector and commercial facilities (such as malls and hotels).

There are four implications of the new Ukraine-Russia advisory from the White House, said Karthik Kannan, CEO of Anvilogic:

  • firms should act immediately on tactical low-hanging fruit initiatives such as multi-factor authentication, disaster recovery/backup practices, regular patching for vulnerabilities;
  • firms should make continuous investment in threat detection;
  • application developers must, if they haven’t done so already, start thinking security in their daily development processes to make stronger and more resilient applications that are harder to breach;
  • companies must collaborate with their peers and with government agencies to learn more about threats as well as share best detection/response/mitigation practices.
The post US, Canada warn critical infrastructure providers of possible Russian cyber attacks first appeared on IT World Canada.
Tags: Canadian Centre for Cyber Securitycyber attacksDIdotGovGovernment of CanadapostmediaPrivacy & SecurityPublic SectorRussiatop storyU.S. government

Subscribe

About Tech News Day

In just 10 minutes you will have all your leadership tech news needs covered. Our Editors browse the top tech news sites for you, get rid of the fluff and post summaries of the best. Our content is created by trained professionals and enhanced for IT leaders using leading edge artificial intelligence.

About

Tech Newsday

Tech News Day picks the new, most relevant tech stories.

Our selection is done by industry professionals – executives like you who pick the top stories for that day. Our writers summarize these to give you a quick summary and the key takeaways.

SUBSCRIBE

Categories

  • Artificial Intelligence
  • Auto Tech
  • Blockchain
  • Careers & Education
  • Channel Strategy
  • Cloud
  • Communications & Telecom
  • Companies
  • Data & Ananytics
  • Development
  • Digital Transformation
  • Distribution
  • Diversity & Inclusion
  • eCommerce
  • Emerging Tech
  • End User Hardware
  • Engineering
  • Financial
  • Fintech
  • Future of Work
  • Governance
  • Government & Public Sector
  • Human Resources
  • Infrastructure
  • IoT
  • Leadership
  • Legal
  • Legislation & Regulation
  • Managed Services & Outsourcing
  • Marketing
  • Martech
  • Medical
  • Mobility
  • Not for Profit
  • Open Source
  • Operations
  • People
  • Podcasts
  • Privacy
  • Security
  • Service
  • Smart Home
  • SMB
  • Social Networks
  • Software
  • Supply Chain
  • Sustainability
  • Today's News
  • Top Stories This Week
  • Women in Tech
  • Home
  • Today’s News
  • About
  • Privacy
  • Contact

2022 Tech News Day

No Result
View All Result
  • Security
  • Future of Work
  • Mobility
  • Emerging Tech
  • Today’s News

2022 Tech News Day

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In

Why are you leaving?

About Tech News Day

Tech News Day is a daily publication featuring key daily news stories about technology and how it affects businesses. We know that you are busy and that there’s a lot of information coming at you. While there are lots of programs that will curate based on what you have already read or followed, Tech News Day picks the new stories that we feel are most relevant.

Our selection is done by industry professionals – executives like you who pick the top stories for that day. Our writers summarize these to give you a quick summary and the key takeaways. If you want to do a deeper dive and get even more information, we provide a link to at least one of the longer stories from one of our sources (we are often following stories from more than one source).

We also have a daily podcast, published each morning so that you can get the news stories of the day from wherever you get your podcasts.

We hope you find this to be useful to you in keeping up to date in these challenging times. We love your input and opinions. You can use our feedback widget to rate individual stories or you can write us at NewsDesk@technewsday.com.

Click Here

-
00:00
00:00

Queue

Update Required Flash plugin
-
00:00
00:00