Seebald LinkedIn

Cyber Threat

In the past month, the Cybersecurity and Infrastructure Security Agency (CISA) has published a series of alerts and advisories related to cyber threats to U.S. critical infrastructure from Russian state sponsored cyber operations.  In some cases, these advisories have been jointly released by CISA, the Federal Bureau of Investigation, and the National Security Agency.  Coast Guard Captains of the Port and Area Maritime Security Committees have also distributed these advisories to port partners.

We are continuing that process to be sure that all Seebald & Associates clients are aware of the threat, and the actions you can take to improve your preparedness.

I also want to be sure that everyone understands why conflicts thousands of miles from our borders could be a threat to your operations and security.

First, State sponsored cyber attackers may target U.S. infrastructure in retaliation for any actions the U.S. takes as part of this conflict.

Second, the nature of malware is that it moves quickly from targeted to non-targeted systems, with no need for additional human direction.  From the attacker’s perspective, the harm to third parties is simply a bonus.

Third, recognize that cyber disruptions to your systems, whatever their origin, may increase your vulnerability to cyber and non-cyber-attacks.  This could be due to degraded security systems, such as cameras and sensors, or simply because leadership and front line personnel alike are focused on other areas. 

Some of the most relevant advisories on this topic include

Russia Threat Advisory, https://www.cisa.gov/uscert/russia

Understanding Russian Threats, https://www.cisa.gov/uscert/ncas/alerts/aa22-011a

“Shields Up”, https://www.cisa.gov/shields-up

CISA/FBI/NSA Joint Advisory, https://www.cisa.gov/uscert/ncas/current-activity/2022/01/11/cisa-fbi-and-nsa-release-cybersecurity-advisory-russian-cyber

Current Activity:  https://www.cisa.gov/uscert/ncas/current-activity

So take the time now to discuss security with your physical and cyber security personnel alike.  Ensure your cybersecurity personnel are fully aware of the risk and have taken action appropriate to your network.  Ensure physical security personnel are also aware and alert for suspicious activity and other security concerns.

As always, please contact Seebald & Associates for all your security needs.