Cybersecurity Advisory – Public Infrastructure

CISA advisories caution of Russian malicious cyber activities targeted at critical infrastructure

Cybersecurity Advisory – Public Infrastructure

As you may be aware, Cybersecurity and Infrastructure Security Agency, CISA (Previously Cybersecurity division of Homeland Security) has released recent advisories specifically cautioning both private and public enterprises of potential malicious Russian cyber activity focused on US national infrastructure. 

Earlier this month, CISA hosted Cyber Storm VIII—the most extensive cyber security exercise of its kind—with over 2,000 private sector, government, and international participants from approximately 200 organizations. This exercise included ransomware and data exfiltration affecting industrial control systems for both public and private enterprises, alike. 

As noted by yesterday’s advisory, CISA Director Jen Easterly, Deputy Executive Assistant Director for Cybersecurity Matt Hartman, and Tonya Ugoretz, Deputy Assistant Director for the FBI’s cyber division, encouraged organizations of all sizes to have their Shields Up to cyber threats and take proactive measures now to mitigate risk, encouraging agencies to take action to protect their organizations and urged all critical infrastructure providers to implement the mitigation guidelines enumerated on CISA.gov/Shields-Up.

Those charged with management and operations of public water and wastewater infrastructure facilities are encouraged to take precautions—specifically for facilities with any WAN/internet, radio, or externally accessible facilities.

Potentially vulnerable facilities are encouraged to conduct vulnerability and penetration assessments to mitigate and protect our infrastructure from both common and uncommon exploits. Triton has partnered with certified industrial cybersecurity experts to develop a Facility Exposure Audit; a comprehensive facility security evaluation. Interested parties may contact us at cyberteam@tritoncg.com or complete a FEA request form.