Cyber Update: Increased Russian-Ukrainian Cyber Activity 11 Point Checklist

With military operations underway in Ukraine, targeted cyber-attacks have also been reported. While the reported targets are focused in and around the theater of operations these activities may expand beyond so it’s a good idea to recheck that your security posture prepared.

Below is a recommended 11 point security posture check list that can be used to assess your environment’s readiness.

We are making this available as it is our goal to ensure organizations are properly prepared in the event of a cyber-attack or related incident:

    • Detect: Monitor for unusual or unexpected activity involving internal and/or external sources
    • Cloud Security: Verify cloud features (S3 buckets / EC2 instances for example) are securely locked down and monitored for communications between applications to ensure there’s nothing out of the ordinary. Recheck, monitor, and audit access and changes to your cloud environments.
    • Identify: Ability to identify all devices, users, & activities occurring and properly classify as known good, known bad, and unknown
    • Access: Do not allow logins from sources with no business justification including geographical.
    • Mitigation: Capability to stop threat actors from performing nefarious activities
    • Vulnerability Scanning: Consistently scan your environment for vulnerabilities and remediate accordingly.
    • Patching: Related to vulnerability scanning, ensure all systems are fully patched to the latest version.
    • Automatic Updates: Often overlooked, ensure your security environment is set to receive and apply OEM issued security updates.
    • Backup: Create or update backups for all critical systems and ensure backups are separated (air gapped) from production systems.
    • Email Security: Email continues to serve as a major entry point for threat actors. Is your email security sufficient to identify and stop these activities?
    • Incident Response: Have an Incident Response plan, including a retainer, and it be tested regularly.

Below is a listing of sites that contain helpful related content:

Integration Partners, a ConvergeOne company, is available to assist with your security needs so please reach out to your Account Executive or reach out directly via securitynotify@integrationpartners.com.