Once again, I write this to show just how guilty the USA is, because the US media only reports Russia as the perpetrators. But, earlier today, Russia’s Federal Security Service (FSB) issued out a new directive designed to help Russian businesses protect their infrastructure against “Retaliatory” cyber attacks – currently unfolding of US origin.
“In the face of constant accusations of involvement in organizing computer attacks against The Russian Federation by representatives of the United States and their allies, as well as threats from their side retaliatory attacks on critical information infrastructure facilities of the Russian Federation, we recommend take the following measures to improve the security of information resource,” reads the National Coordination Center for Computer Incidents (NKTsKI) ALRT-20210121.1 security warning.
They have recommended all Russian based business enact the following 15 measures to protect against the US based cyber onslaught.
1.) Update your organization’s existing plans, instructions and guidelines for responding to computer incidents.
2.) Inform employees about possible phishing attacks using social engineering.
3.) Conduct an audit of network information security and anti-virus tools, make sure they are correct setting up and functioning on all significant network nodes.
4.) Avoid using third-party DNS servers.
5.) Use multi-factor authentication to remotely access your organization’s network.
6.) Determine the list of trusted software for access to the corporate network and limit the use of funds not included in it.
7.) Make sure the correct logging of network and system events on important elements information infrastructure, organize their collection and centralized storage.
8.) Make sure that you have and the correct frequency of backing up data for important elements of information infrastructure.
9.) Make sure that the existing policies for the differentiation of access rights for devices on the network are correct.
10.) Restrict access to services on the internal network by means of firewalls, when if you need to share them, organize it through the demilitarized zone.
11.) To work with external resources, including the Internet, use terminal access via internal services of the organization.
12.) Update the passwords of all users according to the password policy.
13.) Provide anti-virus protection for incoming and outgoing e-mail.
14.) Monitor system security with increased vigilance.
15.) Make sure you have the necessary security updates for your software.