{"id":21470,"date":"2022-02-23T07:53:58","date_gmt":"2022-02-23T15:53:58","guid":{"rendered":"https:\/\/salesforcedevops.net\/?p=21470"},"modified":"2022-02-23T08:17:58","modified_gmt":"2022-02-23T16:17:58","slug":"us-agencies-step-up-cyberattack-warnings-amid-ukrainian-unrest","status":"publish","type":"post","link":"https:\/\/cms.salesforcedevops.net\/index.php\/2022\/02\/23\/us-agencies-step-up-cyberattack-warnings-amid-ukrainian-unrest\/","title":{"rendered":"US Agencies Step Up Cyberattack Warnings Amid Ukrainian Unrest"},"content":{"rendered":"\n

With rising tensions between Ukraine and the Russian Federation, United States security officials have stepped up warnings to businesses in America and its allies. Stark warnings have gone out from the US Departments of Justice and Homeland Security about the possibility of cyberattacks. In this post I summarize these warnings, and then share some ways for Salesforce customers to be prepared for cyberwar threats.<\/p>\n\n\n\n

CISA Issues Shields Up<\/em> Warning<\/h2>\n\n\n\n

On February 12 CISA<\/a>, the US Department of Homeland Security\u2019s Cybersecurity & Infrastructure Agency started a Shields Up<\/em><\/a> publicity program. CISA is the US government agency that is the most active educator of cybersecurity practices.<\/p>\n\n\n\n

On the Shields Up page, CISA warns about possible hostile acts coming from Russia. \u201cWhile there are not currently any specific credible threats to the U.S. homeland, we are mindful of the potential for the Russian government to consider escalating its destabilizing actions in ways that may impact others outside of Ukraine,\u201d CISA stated on the Shields Up page<\/a>. More information about threats from Russia are detailed on CISA\u2019s Russia Cyber Threat Overview and Advisories<\/a> page.<\/p>\n\n\n\n

US DOJ Official Issues Global Cyberattack Warning<\/h2>\n\n\n\n

On February 17 at the Munich Cyber Security Conference<\/a> a top US Department of Justice official issued a stark warning for businesses in America and its allies. \u201cGiven the very high tensions that we are experiencing, companies of any size and of all sizes would be foolish not to be preparing right now as we speak — to increase their defenses, to do things like patching, to heighten their alert systems, to be monitoring in real-time their cybersecurity,\u201d deputy attorney general Lisa Monaco said. “They need to be as we say, ‘shields up’ and to be really on the most heightened level of alert that they can be and taking all necessary precautions.”<\/p>\n\n\n\n

White House Names Russian Security Agency Behind Ukraine Bank Cyberattack<\/h2>\n\n\n\n

On February 18, Anne Neuberger, who is the National Security Agency\u2019s (NSA) top official on cybersecurity, briefed the press and cited specific knowledge of Russia\u2019s involvement in a February 12 cyberattack. This was a change in tone for the White House, signaling a new confidence to identify cyber actors. <\/p>\n\n\n\n

\u201cWe believe that the Russian government is responsible for wide-scale cyberattacks on Ukrainian banks this week.  We have technical information that links Russian \u2014 the Russian Main Intelligence Directorate, or GRU, as known GRU infrastructure was seen transmitting high volumes of communications to Ukraine-based IP addresses and domains,\u201d said Ms. Neuberger at the press conference.<\/p>\n\n\n\n

The US government has made it known that it has used offensive cyber capabilities, as well as crime-solving resources, to crack down on cyber threats like fraud and ransomware. In closing her remarks, Ms. Neuberger quoted President Biden saying, \u201cIf Russia attacks the United States or our Allies through asymmetric activities, like disruptive cyberattacks against our companies or critical infrastructure, we are prepared to respond.\u201d<\/p>\n\n\n\n

Cybersecurity for Salesforce<\/h2>\n\n\n\n

CISA is does a good job teaching the highest level of cybersecurity awareness. It also gives practitioners specific information about threat mitigation. The Shields Up website<\/a> is an excellent starting place for a proactive cybersecurity education.<\/p>\n\n\n\n

According to CISA and the National Institute of Standards and Technology (NIST) a Zero Trust Architecture<\/a> is the recommended security method for use in multi-cloud, multi-identity SaaS systems. Zero trust is failsafe mechanism designed to stop lateral intrusions in a network. While it is not much of a Salesforce topic today, zero trust will likely be a principle for upgrades to Salesforce security architectures in the future.<\/p>\n\n\n\n

Protecting Salesforce from cyber threats goes beyond an IT department\u2019s usual cybersecurity tools. I talk more about these two distinctions in a recent guest post at Dark Reading, \u201cSalesforce Devops Needs Guardrails.\u201d<\/a><\/p>\n\n\n\n