Security News > 2021 > December > CISA warns critical infrastructure to stay vigilant for ongoing threats
The Cybersecurity and Infrastructure Security Agency warned critical infrastructure organizations today to strengthen their cybersecurity defenses against potential and ongoing threats.
"In the lead up to the holidays and in light of persistent and ongoing cyber threats, CISA urges critical infrastructure owners and operators to take immediate steps to strengthen their computer network defenses against potential malicious cyber attacks," the cybersecurity agency said [PDF].
"CISA encourages leadership at all organizations-and critical infrastructure owners and operators in particular-to review the CISA Insights and adopt a heightened state of awareness."
CISA "Strongly" urged orgs from critical infrastructure sectors to increase organizational vigilance, prepare for rapid response, ensure network defenders implement cybersecurity best practices, stay informed about current cybersecurity threats and malicious techniques, and immediately report incidents and anomalous activity.
While CISA did not detail what these ongoing threats are, they are likely referring to the large-scale Log4j exploitation targeting vulnerable systems worldwide.
Two weeks ago, the FBI revealed in a flash alert issued in coordination with CISA that the Cuba ransomware gang alone has compromised the networks of at least 49 organizations from critical infrastructure sectors since it started attacking US targets.
News URL
Related news
- CISA warns critical SolarWinds RCE bug is exploited in attacks (source)
- SOCI Act 2024: Thales Report Reveals Critical Infrastructure Breaches in Australia (source)
- CISA Warns of Critical Jenkins Vulnerability Exploited in Ransomware Attacks (source)
- Food security: Accelerating national protections around critical infrastructure (source)
- CISA Flags Critical Apache OFBiz Flaw Amid Active Exploitation Reports (source)
- SANS Institute Unveils Critical Infrastructure Strategy Guide for 2024: A Call to Action for Securing ICS/OT Environments (source)
- Russian military hackers linked to critical infrastructure attacks (source)
- 80% of Critical National Infrastructure Companies Experienced an Email Security Breach in Last Year (source)
- Despite Russia warnings, Western critical infrastructure remains unprepared (source)
- CISA Flags Critical Ivanti vTM Vulnerability Amid Active Exploitation Concerns (source)