The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) published a joint cybersecurity advisory to warn US organizations of data wiping attacks targeting Ukraine that could hit targets worldwide.
The US agencies believe that further disruptive data wiping attacks could target organizations in Ukraine and may unintentionally spill over to organizations in other countries.
This joint Cybersecurity Advisory (CSA) provides information on the two wipers as well as indicators of compromise (IOCs) that could be used by defenders to detect and prevent infections. The advisory also provides recommended guidance and considerations for organizations to address as part of network architecture, security baseline, continuous monitoring, and incident response practices.
“Destructive malware can present a direct threat to an organization’s daily operations, impacting the availability of critical assets and data. Further disruptive cyberattacks against organizations in Ukraine are likely to occur and may unintentionally spill over to organizations in other countries.” reads the advisory. “Organizations should increase vigilance and evaluate their capabilities encompassing planning, preparation, detection, and response for such an event.”
Below is the list of actions recommended to the organizations:
• Set antivirus and antimalware programs to conduct regular scans.
• Enable strong spam filters to prevent phishing emails from reaching end users.
• Filter network traffic.
• Update software.
• Require multifactor authentication.
The advisory also includes recommendations for System and Application Hardening and Recovery and Reconstitution Planning along with Incident Response instructions.
|[adrotate banner=”9″]||[adrotate banner=”12″]|
(SecurityAffairs – hacking, data wiping attacks)