 |
| The Russian government warns of US retaliatory cyber attacks |
The Russian government has warned Russian organizations of security warnings and warned the United States of possible cyber retaliation for the SolarWinds violation.
Last month, SolarWinds announced a sophisticated cyberattack that triggered a supply chain attack that affected 18,000 customers.
The US government believes the attack was carried out by a hacker organization funded by a Russian state. The goal was to steal cloud data such as emails and files from US companies and government agencies. High level.
When White House press secretary Jane Psaki was asked about the cyber attacks, he replied that the United States could also retaliate against those who carried out the attacks.
As Russia continues to refuse to participate in the attack, the Russian National Center for Computer Incident Coordination (NKTsKI) has warned Russian organizations to improve the security of their networks.
NKTsKI warned: In light of the alleged ongoing attacks on computers by participating organizations against the United States and its allies, as well as the United States, which are threatening to launch electronic retaliatory attacks against the vital information infrastructure in the Russian Federation, we recommend the following measures to ensure the security of improving the information sources.
The National Computer Incident Coordination Center of Russia (NKTsKI) is part of the Federal Security Agency (FSB), which was created to detect, prevent and combat cyber attacks on the country's infrastructure and companies.
NKTsKI urges Russian institutions and agencies to take the following measures to improve network security:
- Update the company's current plans, instructions, and policies to respond to IT incidents.
- Use social engineering techniques to educate employees about potential phishing attacks.
- Run network security checks and antivirus tools to make sure they are working properly.
- Avoid using third-party DNS servers.
- Use multi-factor authentication to remotely access the corporate network.
- Determine the list of approved programs that will access the company's network.
- Ensure that system and network events are properly logged in the critical information infrastructure.
- Ensure critical parts of the information infrastructure are secure.
- Ensure that the current instructions are correct for distinguishing access rights to devices on the network.
- Restrict the firewall's access to services over the internal network.
- Use access to the station through internal services.
- Update passwords for all users according to the password policy.
- Provides virus protection for incoming and outgoing email.
- System security monitoring.
- Make sure you have the necessary security updates for the program.
In the past, the United States has avoided public retaliation from other nations that have carried out cyberattacks against the United States. If the United States attacks him in retaliation, they will likely not announce it.
The United States and affected organizations continue to investigate and respond to attacks against the SolarWinds supply chain.