Source:
Satisnet SOC Team
As tension continues to untenably rise between Ukraine and Russia, the Satisnet SOC Team have put together an Advisory to assist customers and security peers with the growing widespread concern around the subsequent cyber attacks.
Cyber attacks are on a sharp rise, and are currently focusing specifically on the Ukraine Government, political system, and banking industry. Satisnet are anticipating that it's only a matter of time before this becomes a global cyber security concern across all sectors.
As part of this, Satisnet are actively reviewing threat intelligence sources and updating corresponding sources.
As part of this process, the Satisnet SOC Team are urging clients and respective security professionals to adopt the following guidance:
System Patching
Ensure all devices are patched - including third-party software
Ensure all public-facing services are patched for known vulnerabilities
Ensure risk mitigation for business-critical services where patching is not available
Access Control
Ensure multi-factor authentication (MFA) is enabled across all applicable services and applications
Review privileged accounts - remove access to old accounts and unrecognised accounts
Review password policies - ensure passwords are stored in the correct systems
Security Controls
Ensure all security systems are running to optimal levels, ensure security updates, and definitions are in place:
Endpoint detection and response (EDR)
Firewalls
Intrusion prevention systems (IPS) / intrusion detection systems (IDS)
Backups
Review and confirm that backups are running
Ensure that there are offline backups available - for in the event of service outage
Phishing (CRITICAL)
Ensure employees are aware of any phishing procedures that are in place
Third-Parties
Ensure all third-party permissions are understood and the risk they face to the organisation
Knowledge Sharing
Company training tools
Ensure employees are kept up-to-date with cyber news and controls
Please do reach out to the Satisnet SOC Team via the Satisnet website, your Account Manager, or your dedicated technical contact if you require any assistance with the above, or if you have any extra concerns.