Given the ongoing conflict between Russia and Ukraine, a global increase in cyber attacks around the world should be expected. Key advice is that all organizations should adopt a heightened state of awareness and be ready to respond if an attack is detected.
Organizations, in line with joint NCSC recommendations, should review their security posture, exercise readiness, and monitor for relevant cyber security developments. RedShield’s service, as a defender of our clients web assets, has a responsibility to be aware, and keenly responsive to any threat.
Our service provides ongoing and effective protection, and our team is actively monitoring intelligence reports and recommendations concerning the situation in Ukraine. In the meantime, our advice remains consistent with best practice recommendations:
- We anticipate that attackers are very likely to be using already publicly known vulnerabilities so the best defense is to make sure software is fully patched and up to date.
- We highly recommend penetration testing all critical web assets and addressing discovered vulnerabilities.
Specifically for RedShield existing clients we recommend.
- Any assets that are behind RedShield but not currently in blocking should get protected as soon as possible
- Any vulnerabilities already identified in the portal as being exploitable should be addressed with urgency
- If you have any outstanding penetration test findings, these should be immediately remediated, or shared with RedShield to be shielded
- Lastly, if you’re unsure of all of your application perimeter risks, RedShield can run a free assessment for you which highlights any vulnerable assets you may have.
Our team is available to help with any of the above steps and provide any further advice if required.
As always, we will continue to monitor the latest recommendations and vulnerability news in order to protect your sites from all attackers, no matter the source.
> Understanding and preparing for cyber threats relating to tensions between Russia and Ukraine: General Security Advisory GSA-2022-2940
> Cybersecurity & Infrastructure Security Agency (CISA): Implement Cybersecurity Measures Now to Protect Against Potential Critical Threats.
> Cybersecurity & Infrastructure Security Agency (CISA): Understanding and Mitigation Russian State-Sponsored Cyber Threats to U.S. Critical Infrastructure.
> Canadian Centre for Cyber Security (CCCS): Cyber threat bulletin: Cyber Centre urges Canadian critical infrastructure operators to raise awareness and take mitigations against known Russian-backed cyber threat activity.