May 11, 2022 By Jennifer Gregory 2 min read

President Joe Biden warned U.S. businesses of possible cyberattacks from the Russian government in March. His statement suggested business owners should work to reduce vulnerabilities and prevent attacks.

President addresses cybersecurity risks

In his statement, Biden said, “I have previously warned about the potential that Russia could conduct malicious cyber activity against the United States, including as a response to the unprecedented economic costs we’ve imposed on Russia alongside our allies and partners. It’s part of Russia’s playbook. Today, my Administration is reiterating those warnings based on evolving intelligence that the Russian Government is exploring options for potential cyberattacks.”

Biden promised that his administration will continue “to use every tool to deter, disrupt and, if necessary, respond to cyberattacks against critical infrastructure.” Businesses also need to do their part. He then urged “private sector partners to harden your cyber defenses immediately by implementing the best practices we have developed together over the last year.”

Anne Neuberger, the deputy national security adviser for cyber and emerging technology, also released a warning. She told the New York Times that the government had observed some movement that can signal an upcoming attack, such as scanning websites. She said that the administration was addressing the private sector because the private sector manages most critical infrastructure.

Increased threats since start of the war

Since the beginning of the Russia-Ukraine war, cybersecurity workers and the U.S. government have become more concerned about potential attacks by Russian threat actors. In February, IBM Security X-Force issued a research advisory about the detection of a wiper malware called HermeticWiper that was running on systems belonging to Ukrainian companies.

Based on current knowledge, IBM Security X-Force recommends that businesses remain in the highest alert posture based on the rapidly evolving war. The U.S. Cybersecurity & Infrastructure Security Agency (CISA) also provides updated information on its website regarding the current threats related to Russia. The agency also advises all organizations who face cyber anomalies or incidents to contact CISA.

Reducing risks of attacks

To provide further guidance on best practices for U.S. entities, the White House also issued a fact sheet.

Suggestions include:

  • Mandating the use of multi-factor authentication
  • Deploy modern security tools
  • Patch systems against all known vulnerabilities
  • Change network passwords
  • Back up data and keep offline backups
  • Conduct drills of emergency plans
  • Encrypt data
  • Educate employees about potential schemes, such as phishing and websites
  • Work with the local FBI field office or CISA Regional Office.

By creating an action plan and monitoring the situation, businesses can reduce their risk of attack. The concerns with the Russian government may pass. However, the plans and defenses you made will also help improve your overall cybersecurity program. That, in turn, will help keep your data safer from attacks.

More from News

3,000 “ghost accounts” on GitHub spreading malware

3 min read - In the past, cyber criminals directly distributed malware on GitHub using encrypted scripting code or malicious executables. But now threat actors are turning to a new tactic to spread malware: creating ghost accounts. A highly effective malware campaign Check Point Research recently exposed a new distribution-as-a-service (DaaS) network, referred to as the Stargazers Ghost Network, that has been spreading malware on GitHub for at least a year. Because the accounts perform typical activities as well, users did not realize that…

Warren Buffett’s warning highlights growing risk of cyber insurance losses

3 min read - The United States cyber insurance industry continues to see strong profits, according to Fitch Ratings. Average premium increases, meanwhile, have moderated over the last three years: While 2021 saw a 34% jump in premium pricing and costs rose 15% in 2022, increases were under 1% in 2023.As noted by the Fitch Ratings report, "segment underwriting profitability at current levels is unsustainable as cyber insurance pricing is likely to remain flat or down going forward." While this is good news for…

New CISA guidance for organizations adopting Single Sign-On

4 min read - The Cybersecurity and Infrastructure Security Agency (CISA) recently conducted a comprehensive study of various small and medium-sized businesses to help identify common challenges and opportunities associated with Single Sign-On (SSO) adoption. SSO has garnered considerable chatter across several industries, especially regarding its ability to improve security while extending a certain level of convenience to employees using this protocol. However, it hasn’t yet been widely adopted as a best practice standard. Some businesses rave about SSO's security benefits, while others are…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today