US Department of Homeland has issued an alert regarding the threat of ransomware attacks. DHS warns about it after a US Pipeline Operations facility suffered a ransomware attack.
Reportedly, the US DHS is warning enterprises about the threat of ransomware attacks through a recent advisory. To back their alert, DHS has also shed light on a previous ransomware attack on a Pipeline Operations facility.
Though, they haven’t mentioned any timelines of the incident, they have disclosed the ransomware attack mentioning CISA’s role in its rectification. As stated in their advisory,
Regarding how it happened, they revealed that the attackers targeted the said facility with spearphishing to gain access to the informational and operation technology (IT and OT) networks. Then, they deployed ransomware on both networks. The attackers succeeded because of a security flaw at the victim’s end – absence of segmentation between IT and OT networks.
- Ensuring a robust emergency response plan covering all possible impacts in the event of a cyber attack.
- Identify points of failure.
- Recognize physical risks by cyber attacks.
- Implementing robust network segmentation between IT and OT networks.
- Implementing multi-factor authentication to access networks.
- Restricting user access to networks.
- Deploying spam filters to combat phishing.
- Keeping software updated.
- Schedule antimalware scans.
- App whitelisting.
- Restricting Remote Desktop Protocol (RDP).