Written by Billy Moran
When it comes to cybersecurity, current events definitely factor into decision making. With the Russian invasion of Ukraine, cybersecurity threat levels have risen worldwide as organizations prepare for any potential “spillover” effects or escalations beyond the Ukrainian borders. Here’s what experts are saying you should keep in mind for your network.
CISA Says Shields Up
The Cybersecurity & Infrastructure Security Agency, or CISA, is an operational component under Department of Homeland Security oversight. In the last week, their website posted a prominent SHIELDS UP banner on their home page stating that, “Every organization—large and small—must be prepared to respond to disruptive cyber activity.” The site goes on to say that the Russian attack has involved cyber-attacks on the Ukrainian government as well as critical infrastructure organizations, which may impact organizations both within and beyond the region, particularly in the wake of sanctions imposed by the United States and its allies.
This spillover effect is cause for great concern. Melissa Griffith, a senior program associate at the Wilson Center, said during a press briefing that “cyber operations where due diligence is not done upfront have a bad habit of spilling over into other regions and other countries’ networks. There is a real spillover effect here that could have unintended consequences.”
Steps for Cyber Readiness
Cybersecurity company Fortinet said that responding to the heightened sense of concern means increased readiness, which starts with reminding teams of standard cyber hygiene protocols and best practices – simple actions that can go a long way towards fighting against cyberthreats:
- Patching: Ensure that all systems are fully patched and updated
- Protection Databases: Make sure your security tools have the latest databases
- Backup: Create or update offline backups for all critical systems
- Phishing: Conduct phishing awareness training and drills
- Hunt: Proactively hunt for attackers in your network using the known TTPs of Russian threat actors
- Emulate: Test your defenses to ensure they can detect the known TTPs of Russian threat actors
- Response: Test your incident response against fictitious, real-world scenarios
- Stay up to Date: Subscribe to threat intelligence feeds like Fortinet Threat Signals
Uplogix for Times Like These
While Uplogix isn’t strictly a cybersecurity product, we do bring valuable features to lock down vulnerabilities and weaknesses in your network infrastructure.
First, with an out-of-band platform like Uplogix, you can separate management traffic from operational traffic. By ensuring that management traffic only comes from the out-of-band communications path, compromised user devices or malicious network traffic are prevented from impacting network operations and compromising network infrastructure. This is the architecture recommended by a recent NSA guideline.
Next, Uplogix maintains and enforces AAA with granular authorization and logging capabilities (session, change & event) regardless of the state of the network. Control who has access to what. Even control what commands they can run. And this out-of-band access is flexible: our hardware features modular out-of-band options – so you can plug in the right connectivity solution for each site. Choose from cellular, POTS line, fiber, … even use an Iridium satellite connection for access anywhere in the world.
Uplogix is your go-to in times of need
Uplogix can store configurations for a “safe mode” for network devices, limiting functionality to effectively quarantine sections of your network. With Uplogix you can push a config to one device, or thousands deployed across your network. Think of it as a panic button.
As the scope of the breach becomes clearer, Uplogix can push additional configurations to bring unaffected services and locations back up across your network, ensuring the fastest return to normal possible. Network resiliency is defined not just by how unlikely your network is to get hacked, but, maybe even more importantly, by how quickly you can recover.
The Uplogix platform itself is the most secure console server you can deploy. Built on a closed Linux distribution, Uplogix puts the entire platform through the FIPS 140-2 certification process and provides complete audit and compliance reporting. Data is stored on Opal 1.2 NVMe drives capable of 256-bit AES compliant data encryption to protect your configuration data stored locally.
For more information on how Uplogix can step up your network security, contact us for an online demo.