The Biden-Harris administration has repeatedly warned of the possibility of Russia engaging in malicious cyber activity against the United States in response to the unprecedented economic sanctions we have imposed. There is now an evolving intelligence that Russia may be exploring options for potential cyberattacks.
The administration has prioritized strengthening cybersecurity defenses to prepare our nation for threats since day one. President Biden’s executive order modernizes the federal government’s defenses and improves the security of widely used technologies. The President has launched public-private action plans to strengthen the cybersecurity of the electricity, pipelines and water sectors and has ordered ministries and agencies to use all existing government authorities to impose new measures cybersecurity and network defense. Internationally, the administration has brought together more than 30 allies and partners to cooperate in detecting and disrupting ransomware threats, rallied G7 countries to hold nations harboring ransomware criminals accountable, and took steps with partners and allies to publicly attribute malicious activity.
We accelerated our work in November last year as Russian President We accelerated our work in November last year when Russian President Vladimir Putin escalated his aggression ahead of his renewed invasion of Ukraine with briefings and detailed notices to U.S. businesses regarding potential cybersecurity threats and protections. The US government will continue its efforts to provide resources and tools to the private sector, including through CISA’s Shields-Up campaign, and we will do everything in our power to defend the Nation and respond to cyberattacks. But the reality is that much of the Nation’s critical infrastructure is privately owned and operated, and the private sector must act to protect essential services that all Americans rely on.
We urge businesses to take the following steps as a matter of urgency:
- Mandate the use of multi-factor authentication on your systems to make it more difficult for attackers to gain access to your system;
- Deploy modern security tools on your computers and devices to continuously scan for and mitigate threats;
- Check with your cybersecurity professionals to make sure your systems are patched and protected against all known vulnerabilities, and change passwords on your networks so that previously stolen credentials are useless to malicious actors;
- Back up your data and make sure you have offline backups out of reach of malicious actors;
- Execute drills and drill your contingency plans so you are ready to react quickly to minimize the impact of any attack;
- Encrypt your data so that it cannot be used in the event of theft;
- Educate your employees on common tactics attackers will use via email or websites, and encourage them to report if their computers or phones have exhibited unusual behavior, such as unusual crashes or very slow operation; and
- Proactively work with your local FBI office or regional CISA office to build relationships ahead of any cyber incident. Please encourage your IT and security management to visit the CISA and FBI websites where they will find technical information and other helpful resources.
We also need to focus on strengthening America’s cybersecurity for the long term. We encourage technology and software companies to:
- Build security into your products from the ground up—”bake it, don’t bolt it”—to protect both your intellectual property and your customers’ privacy.
- Develop software only on a system that is highly secure and accessible only to those actually working on a particular project. This will make it much harder for an intruder to jump between systems and compromise a product or steal your intellectual property.
- Use modern tools to check for known and potential vulnerabilities. Developers can fix most software vulnerabilities, if they know about them. There are automated tools that can examine the code and find most coding errors before the software is delivered and before a malicious actor takes advantage of it.
- Software developers are responsible for all code used in their products, including open source code. Most software is built using many different components and libraries, most of which are open source. Make sure developers know the provenance (i.e. origin) of the components they use and have a “software BOM” in place in case any of these components turn up later introduce a vulnerability so that you can fix it quickly.
- Implement the security practices prescribed by the presidential decree, Improving our country’s cybersecurity. In accordance with this OS, all software purchased by the US government must now meet security standards in its design and deployment. We encourage you to follow these practices more broadly.