Due to recent tensions between the United States and Iran, the DHS/US Government as well as other 3rd party intelligence sources and security manufacturers, have issued alerts and recommendations for heightened cyber activity by Iranian threat actors.
The Cybersecurity and Infrastructure Security Agency (CISA) issued an announcement providing guidance specific to Adversarial Tactics and Techniques (Mitre ATT&CK Framework) to known Iranian APT (Advanced Persistent Threats).
When alerts such as this are released, we take a moment to remind our partners of a few critical security checks that can make a difference in the case of an attack.
How to Protect Your Organization
When geopolitical actions flare-up, organizations across the globe face an increased risk of cybersecurity attacks. During these times, it’s vital that infosec teams review security protocols and configurations to ensure networks are secure and protected from outside threats. While preparation is critical for any organization, it’s especially important to take the proper steps in preventing an unauthorized user from entering your organization’s network during times of heightened threat activity.
In addition to the CISA announcements, recommendations and mitigation steps, here is our table-stakes checklist:
- Staff Education & Notification: Remind users about cyber safety, to be vigilant about emails or phone calls that seem out of place, and to always check sources before clicking links
- Network Edge Intrusion & Threat Prevention: Ensure all security features are configured for your current environment and up to date with the latest software
- Multi-Factor Authentication: Configure and maintain a robust MFA practice, that at a minimum is enforced for administrator privilege level users
- Endpoint Protection: Ensure all features are turned on and each endpoint that touches your network is protected
Finally, we also recommend subscribing to automated announcements at the US-CERT.gov website.
If you are concerned about your cybersecurity posture at times like this, our team is available to help.Partner Updates