CISA | April 22, 2022
The Cybersecurity and Infrastructure Security Agency (CISA), along with the Federal Bureau of Investigation (FBI), National Security Agency (NSA), Australian Cyber Security Centre (ACSC), Canadian Centre for Cyber Security (CCCS), National Cyber Security Centre New Zealand (NZ NCSC), and the United Kingdom’s National Cyber Security Centre (NCSC-UK) and National Crime Agency (NCA), with contributions from industry members of the Joint Cyber Defense Collaborative, issued a joint Cybersecurity Advisory on Russian state-sponsored and criminal cyber threats to critical infrastructure that could impact organizations both within and beyond Ukraine.
It is the most comprehensive view of the cyber threat posed by Russia to critical infrastructure released by government cyber experts since the invasion of Ukraine in February.
The advisory provides technical details on malicious cyber operations by actors from the Russian Federal Security Service (FSB), Russian Foreign Intelligence Service (SVR), Russian General Staff Main Intelligence Directorate (GRU), and Russian Ministry of Defense, Central Scientific Institute of Chemistry and Mechanics. It also includes details on Russian-aligned cyber threat groups and cybercrime groups. Some of these cybercrime groups have recently publicly pledged support for the Russian government and have threatened to conduct cyber operations in retaliation for perceived cyber offensives against Russia or against countries or organizations providing materiel support to Ukraine.
The advisory recommends several immediate actions for all organizations to take to protect their networks, which include:
Prioritize patching of known exploited vulnerabilities;
Enforce multifactor authentication;
Monitor remote desktop protocol (RDP); and
Provide end-user awareness and training
We know that malicious cyber activity is part of the Russian playbook. We also know that the Russian government is exploring options for potential cyberattacks against U.S. critical infrastructure. Today’s cybersecurity advisory released jointly by CISA and our interagency and international partners reinforces the demonstrated threat and capability of Russian state-sponsored and Russian aligned cyber-criminal groups to our Homeland. We urge all organizations to review the guidance in this advisory shields-up for continually updated information on how to protect yourself and your business.”
Jen Easterly, CISA Director
"The FBI is focused on exposing and disrupting malicious cyber activity by Russia against our allies and our own networks," said Bryan Vorndran, FBI Cyber Division Assistant Director. "We are working alongside our federal and international partners to quickly share information that helps private industry as well as the public to better protect and defend their systems from these threats. We will continue to investigate these malicious threat actors through our unique authorities and hold them accountable for their actions.”
“Threats to critical infrastructure remain very real," said Rob Joyce, NSA Cybersecurity Director. "The Russia situation means you must invest and take action.”
“Recent intelligence and historic instances of destructive cyber attacks indicate now is the time for organisations to improve their cyber security posture,” said Abigail Bradshaw, Head, Australian Cyber Security Centre. “In particular, critical infrastructure organisations should act now to raise defences, not wait until being attacked. The ACSC stands ready to support its critical infrastructure partners in responding to the threats we face - by raising their awareness of the threat, sharing indicators of compromise, and providing technical mitigation advice.”
“Russia has significant cyber capabilities and a demonstrated history of using them irresponsibly, and state-sponsored malicious cyber activity is a real risk to organizations around the world,” said Sami Khoury, Head, Canadian Centre for Cyber Security. “By joining alongside our partners in releasing today’s joint advisory, the Communications Security Establishment and its Canadian Centre for Cyber Security continue to support making threat information more publicly available, while providing specific advice and guidance to help protect against these kinds of risks.”
“We are currently seeing an increased potential for cyber-attacks on critical infrastructures which may have a serious impact, even for countries and organisations not directly targeted,” said Lisa Fong, Director of New Zealand’s National Cyber Security Centre. “Organisations should take the opportunity to consider their security posture, understand their critical systems and risks – including across their supply chain – and exercise readiness. This joint advisory with our partners provides organisations with important information which will help them to build their cyber resilience by identifying and mitigating risks they face.”
“In this period of heightened cyber threat, it has never been more important to plan and invest in longer-lasting security measures,” said Lindy Cameron, NCSC CEO. “It is vital that all organisations accelerate plans to raise their overall cyber resilience, particularly those defending our most critical assets. The NCSC continues to collaborate with our international and law enforcement partners to provide organisations with timely actionable advice to give them the best chance of preventing cyber-attacks, wherever they come from.”
“Cyber attacks have evolved and increased in scale and severity over recent years, with the criminal groups behind them targeting the critical infrastructure of countries around the world,” said Rob Jones, NCA Director General for Cyber. “The NCA leads the UK law enforcement response to this threat, working with a range of international partners to investigate cyber criminals and disrupt the services they rely on. It is vital that organisations help bolster this response by enhancing cyber resilience and reporting any incidents of cyber crime to the authorities, to allow timely mitigation of further attacks.”
Because evolving intelligence indicates that the Russian government is exploring options for potential cyberattacks, the cybersecurity authorities are providing this robust advisory with several resources and mitigations that can help the cybersecurity community protect against possible cyber threats from these adversarial groups. Executives, leaders, and network defenders are urged to implement recommendations to prepare for and mitigate the varied cyber threats listed in the Cybersecurity Advisory here.
All organizations should share information about incidents and unusual cyber activity with their respective cybersecurity authorities. When cyber incidents are reported quickly, it can contribute to stopping further attacks.
As the nation’s cyber defense agency, the Cybersecurity and Infrastructure Security Agency (CISA) leads the national effort to understand, manage, and reduce risk to the digital and physical infrastructure Americans rely on every hour of every day.
Agilicus | February 14, 2022
Agilicus has been awarded a Government of Canada contract, through Innovative Solutions Canada, with Shared Services Canada (SSC) for its Zero Trust Network Access platform.
Shared Services Canada is evaluating Agilicus to augment their security solutions to include an enterprise-grade, cloud-based, Zero Trust Network Access platform. Agilicus can enable secure access for Government of Canada and Non-Government of Canada remote users, with a consistent and frictionless experience from any device, anywhere in the world. The result is decreased cybersecurity risks, enhanced productivity, greater access, higher user satisfaction, and a unified user experience.
“We are thrilled to be working with SSC, who lead the way in delivering modern, secure, innovative IT solutions that support Canada’s federal organizations and their digital programs,” said Angelo Compagnoni, co-founder, Agilicus. “We are grateful for ISC and SSC’s commitment in furthering Canadian innovation and their recognition of our Zero Trust Network Access platform.”
SSC’s mandate includes designing and operating an effective, efficient, and secure IT infrastructure that protects Government of Canada data and technology assets. SSC and its federal government partners, continue to modernize their traditional perimeter defenses with a Zero Trust framework. SSC has engaged with Agilicus to test the Agilicus Zero Trust Network Access platform for its ability to provide fine-grained, secure, access to resources such as applications, shares and desktops from anywhere.
Agilicus’ novel Zero Trust Network Access platform empowers any organization to provide single sign-on, with existing credentials, to any resource, using any device, without a VPN or client, simply, securely, and economically.
Agilicus is a Canadian cyber security company shaping the future of work by transforming the way modern workforces connect to corporate resources. With a foundation in Zero Trust, Agilicus is a more secure alternative to VPNs and perimeter-based network access. Agilicus’ cloud-native solution empowers organizations of all types and sizes, to quickly and seamlessly expand the reach of company resources without compromising security. Today’s mobile users, employees, frontline workers, contractors, and partners can be equipped with the secure remote access that was previously unattainable.
GovCIO | January 20, 2022
GovernmentCIO, a leading provider of high-end technology and digital services to federal agencies, announced Thursday it is rebranding the company as GovCIO. The move reflects the company's accelerated growth, expansion into new agencies, and increased service offerings.
The rebrand underscores how GovCIO is modernizing its approach and practices to better reflect its new goals and momentum while still retaining its core mission and values. GovCIO has updated its logo and will launch a website redesign in March as part of the rebrand rollout this year.
This evolution of the brand follows last year's acquisition of Salient CRGT (SCRGT), a leading provider of data analytics, cloud, agile development, cybersecurity, and infrastructure solutions to national security, health, and civilian agencies. The combined company now has more than 2,600 employees and an annual revenue exceeding $700 million.
"We've expanded both our footprint across the defense, health and civilian spaces, and the breadth of capabilities we can offer customers. The new name represents both where the company has been as well as where the company is going," said GovCIO CEO Jim Brabston.
The integrated GovCIO better positions the company across the government marketplace. Company leaders evaluated what GovCIO was at the start, what it is today, and where it wants to go in the future. Through this process, they have made sure to stay true to GovCIO's roots and core founding mission of transforming government IT.
GovCIO will continue to use IT to transform how government serves citizens while supporting each agency's unique mission. Employees will create solutions that optimize how its customers operate so they can focus on what really matters — their customers. Visit www.govcio.com to explore the new brand and capabilities.
GovCIO is a rapidly growing provider of advanced technology solutions and digital services to the federal government. In the 11 years since its founding, GovCIO has become a leading prime contractor supporting the mission of federal agencies, including the Departments of Defense, Health and Human Services, Homeland Security, Justice, Veterans Affairs, the Pension Benefit Guaranty Corporation, United States Patent and Trademark Office, Government Accountability Office, and the Internal Revenue Service. GovCIO's core capabilities are in cybersecurity, digital services, data analytics, digitization, DevSecOps, and IT modernization.
Motorola Solutions | April 23, 2022
Motorola Solutions announced the establishment of Motorola Solutions’ cyber threat information sharing and analysis organization (ISAO) for public safety. The Public Safety Threat Alliance, a Cybersecurity and Infrastructure Security Agency (CISA)-recognized ISAO, highlights Motorola Solutions’ unwavering commitment to public safety organizations and the communities they serve. CISA, which falls under the U.S. Department of Homeland Security, serves as the National Coordinator for Critical Infrastructure Security and Resilience, on this important initiative.
In accordance with the 2015 Executive Order “Promoting Private Sector Cybersecurity Information Sharing”, ISAOs are groups focused on sharing information related to cybersecurity risks and incidents with membership drawing from the public and private sectors. With the establishment of the Public Safety Threat Alliance, members will be able to share and analyze information from multiple sources to proactively contribute to a stronger cybersecurity posture for the public safety community, their constituents, and other stakeholders, including government agencies and businesses.
The establishment of the Public Safety Threat Alliance fills a critical void, creating a single entity entirely focused on the collection, analysis, production and sharing of actionable public safety-focused cyber threat information and intelligence. Now, the public safety community is better equipped to focus their cyber threat intelligence and defense efforts on specific adversaries and their malicious cyberattacks.”
Billy Bob Brown, Jr., executive assistant director for Emergency Communications, CISA
The Public Safety Threat Alliance will leverage information related to cybersecurity risks from across Motorola Solutions’ Cybersecurity Services, coupled with information from members and trusted partners including CISA, other ISAOs, and nonprofits dedicated to sharing cyber threat intelligence, to generate actionable intelligence which will improve members’ cybersecurity posture, defense and resilience against ever-evolving threats to their no-fail Public Safety missions.
“For example, it’s been reported that there was a 1,885 percent increase in ransomware attacks against governments worldwide in 2021,” said Scott Kaine, corporate vice president of Cybersecurity, Motorola Solutions. “With cyber threats increasing in scope, scale and complexity, the Public Safety Threat Alliance can help to dramatically increase the efficacy with which intelligence is used to monitor, detect and respond to potential threats before they result in downtime of public safety services.”
Membership in the Public Safety Threat Alliance is open to all public safety agencies.
About Motorola Solutions
Motorola Solutions is a global leader in public safety and enterprise security. Our solutions in land mobile radio communications, video security & access control and command center software, bolstered by managed & support services, create an integrated technology ecosystem to help make communities safer and businesses stay productive and secure. At Motorola Solutions, we’re ushering in a new era in public safety and security.