On February 26, 2022, the Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) issued a joint Cybersecurity Advisory regarding malware deployed against organizations in Ukraine in conjunction with the Russian military invasion, specifically WhisperGate and HermeticWhisper. These malicious programs can impede daily business operations by blocking access to critical systems and data.
Currently, there is no specific threat to any American organizations. Nevertheless, CISA and the FBI recommend all organizations “assess and bolster” their cybersecurity positions by:
- Enabling multifactor authentication;
- Setting antivirus and antimalware programs to conduct regular scans;
- Enabling strong spam filters to prevent phishing emails from reaching end users;
- Updating software; and
- Filtering network traffic.
As always, a well-trained and cautious workforce is one of the strongest defenses against cyber-attacks. Caution your employees about the heightened threat environment and remind them to look for “red flags” in emails, including but not limited to:
- Sender names that don’t match emails (e.g., sender identified as “Walt Disney” but the email address is email@example.com)
- Email addresses or domains that appear suspicious (e.g., sender identified as “Walt Disney” but the email address is HeadHoncho1957@gmail.com)
- Email domains that, upon inspection, are not quite right (e.g., “arnazon.com” instead of “amazon.com”)
- Links that go to an illegitimate site (hover over links to see the URL they go to)
- Emails that contain numerous spelling or grammar errors
- Emails that contain links or attachments that you were not expecting
- Emails that attempt to create a sense of urgency or otherwise induce the reader to click on a link or open a document
- Emails that ask the sender to send sensitive information
- Emails or links that ask for user credentials (name and password).
From the top down, create a culture of security that encourages caution over speed. In the end, a careless mistake could end up costing far more than a slight delay.
We recommend that you review your Information Security Plan and have all the critical individuals in your organization review it as well. If you need assistance with your Information Security Plan, the Cybersecurity, Data Protection, and Privacy Group is here to help you design and implement appropriate physical, administrative, and technical controls to mitigate the threat posed by cybercrime. In the event you suffer an adverse event, we can help you navigate the noticing requirements and interface with law enforcement and regulators when necessary. If you have any questions, please don’t hesitate to reach out to your Langley & Banack lawyer or Natalie Wilson, Chair of the Cybersecurity, Data Protection, and Privacy Group at (210) 253-7155 or firstname.lastname@example.org.