🛡️A cyber🧵While there are currently no specific or credible cyber threats to the US homeland as a result of the unprovoked Russian invasion of Ukraine, @CISAgov strongly urges continued vigilance by all orgs – large & small. See cisa.gov/shields-up for info & updates 1/
Just because we have not seen threats to date doesn’t mean we will not see them manifest quickly. Risks may emerge rapidly from a) unintended impacts of cyber attacks within & beyond Ukraine by both state & non-state actors; 2/
b) opportunistic targeting of US-based critical infrastructure by criminal ransomware gangs; or c) deliberate targeting by Russian state-sponsored malicious cyber actors in retaliation for actions taken by the US & our Allies to impose costs on Russia. 3/
We strongly encourage everyone to review & implement guidance on cisa.gov/shields-up to ensure security of networks & data; this is about preparation NOT panic (cue @coldplay). For orgs that struggle w/resources, we’ve compiled a list of FREE tools: go.usa.gov/xtu7b 4/
And to protect yourself & your family from cyber threats, enable multi-factor authentication (MFA) NOW (cisa.gov/MFA); update your software; think before you click on links that look even a little bit suspicious; & use strong passwords & ideally a password manager. 5/
We’ll continue to message transparently on what we & our awesome #JCDC & fed partners are seeing across the cyber threat landscape & in the event of an incident, share actionable info broadly in a way that protects victims & prevents potential victims from getting hacked. 6/
All orgs should report incidents or anomalous activity to @CISAgov (central@cisa.dhs.gov | 888.282.0870) and/or #FBI (CyWatch@fbi.gov | 855.292.3937); keep thresholds low for reporting during this period to help us connect the dots & drive down risk BEFORE significant impact. 7/
Our collective focus must be on RESILIENCE, not just prevention. We live in a world where it's increasingly hard to prevent bad things from happening; we must recognize that bad things WILL happen & ensure we're prepared to respond & recover rapidly to mitigate risk & impact. 8/
Even as we focus on cyber resilience, we must also focus on human resilience. Defenders across the world are working flat out (again!); leaders must ensure teams get support & resources needed. CEO's must empower CISO's & guard as much as possible against burnout & fatigue. 9/
We know that such a high optempo is not sustainable for a long period of time, but now is not the time to let our guard down – working with our teammates across the government & the private sector, we’ll continue to keep everyone informed. #ShieldsUp! END
• • •
Missing some Tweet in this thread? You can try to
force a refresh