In a statement released on March 21st, 2022, the White House is advising businesses to protect their organization from threat actors immediately. This is due to a rising level of concern around online attacks perpetuated from Russia.
The US Federal Government is launching an action plan around preventing cyber threats moving forward, and is advising private organizations in the US to do everything in their power to protect their own systems.
Their advice includes the following:
- Require MFA for your organization to prevent a threat actor from gaining access to your critical systems using your user’s credentials. This second factor of authentication can be implemented using an SMS code, MFA token, Authenticator application on your cell phone, or other methods.
- Deploy tools to protect your devices that can investigate logs on the local devices, alert your team to any potential threats, and protect the local devices.
- Work with professionals to ensure all of your systems are up-to-date, protected, and passwords are secure with best practices and other industry standards.
- Ensure your backups are working, and verify that they are off site, beyond the reach of malicious actors.
- Do a test Disaster Recovery scenario where you restore your files back to your office, or digitally, to ensure you are able to keep your business running in the worst case scenario.
- Encrypt all information so even if it is stolen, it cannot be used.
- Train and educate all of your employees, so they know what to look for in a malicious email, for example, and know how and who to report an incident to.
- Engage with your local FBI office so have a working relationship in case of an incident.
The US Government also requests that Software and Tech businesses strengthen the way they write their code, making sure to keep their clients protected, and require a stronger level of overall protections to stay safe.