Russia’s military invasion of Ukraine has been accompanied by the deployment of malware and other cyberattacks targeting Ukrainian organizations, explain the U.S. Cybersecurity & Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) in a recent Cybersecurity Advisory. Groups targeted include the Ukrainian parliament, the Ministries of Defense and Foreign Affairs, and two of the country’s largest banks, all of which have been taken offline in recent weeks presumably through Distributed Denial of Service (DDoS) attacks. Those strikes are likely to continue, write CISA and the FBI.

Equally important, these cyberattacks are likely to jeopardize U.S. companies in the near future. According to CISA, “every organization in the United States is at risk from cyber threats that can disrupt essential services and potentially result in impacts to public safety.” Russia’s action in Ukraine raises the threat level significantly.

While CISA sees no “specific or credible threats to the U.S. homeland at this time,” the agency’s warning couldn’t be more clear: “every organization—large and small—must be prepared to respond to disruptive cyber activity.”

In their joint advisory, CISA and the FBI recommend that organizations take immediate steps to strengthen cybersecurity, including:

  • Enabling multifactor authentication,
  • Setting antivirus and antimalware programs to conduct regular scans,
  • Enabling strong spam filters to prevent phishing emails from reaching end users,
  • Updating software and patching vulnerabilities,
  • Disabling ports and protocols that are not essential, and
  • Filtering network traffic.

U.S. businesses should continue to monitor CISA communications for additional recommendations on mitigating cyber risks.

Additional Resources