On July 19th, the National Security Agency, Cybersecurity and Infrastructure Security Agency (CISA), and the Federal Bureau of Investigations (FBI) released a joint cybersecurity advisory pertaining to Chinese state-sponsored threat actors. The advisory warns of potential malicious activity targeting “U.S. and allied political, economic, military, educational, and critical infrastructure (CI) personnel and organizations.”
In response to this increased threat, CISA suggests organizations, particularly managed service providers, semiconductor companies, the Defense Industrial Base (DIB), universities, and medical institutions, take the following steps:
Patch your systems as soon as you can after the release of operating system and application patches. Updates are often quickly reverse-engineered by threat actors to determine the vulnerability that is being fixed and whether it can be weaponized.
Employ monitoring and detection technologies give you a 360-degree view of what is happening on your network. Be sure you can see lateral movement, which may show indicators of compromise, inside-out traffic to malicious hosts, which may indicate command and control communication, and outside-in communication, which could reflect attempts at compromise from external sources.
Implement strong preventative measures to mitigate or help prevent compromise from occurring. These include active anti-virus and multi-factor authentication.
Read the full cybersecurity advisory issued by CISA here. While this alert focuses on businesses that would be potential targets for nation-state threat actors, the advice above is applicable to any business. Following these best practices does not guarantee the prevention of a security incident but can make it substantially more difficult for threat actors to gain a foothold in an organization’s network and systems and can reduce detection time.
If you suspect any malicious activity in your systems, or would like to speak to an incident response attorney to help improve your organization’s security, Octillo attorneys can be reached 24/7 via our Data Breach Hotline: 844.502.9363 or [email protected].
*Attorney advertising: prior results do not guarantee future outcomes.