State urges heightened cybersecurity amid Russia-Ukraine war
The Maui News
State homeland security officials are urging Hawaii organizations to stay alert and strengthen their cybersecurity measures amid Russia’s war with Ukraine.
“While there is no specific, credible threat to Hawaii at this time, we encourage all organizations — regardless of size — to heed the Department of Homeland Security’s recommendations and adopt a heightened posture when it comes to cybersecurity and protecting their most critical assets,” Frank Pace, administrator of the Hawaii Office of Homeland Security, said in a statement on Wednesday.
In the wake of continued geopolitical tensions and related cyberattacks on Ukraine and other countries in the region, the state Office of Homeland Security has been working with government and private sector partners to identify and rapidly share information about cybersecurity threats that could threaten the operations of critical infrastructure in Hawaii, Pace said.
The Office of Homeland Security advises:
• Reducing the likelihood of a damaging cyberintrusion by keeping networks secure, ensuring software is up to date by prioritizing updates that address known exploited vulnerabilities identified by the Cybersecurity Infrastructure Security Agency (see cisa.gov/known-exploited-vulnerabilities-catalog) and confirming with IT that all nonessential ports and protocols have been disabled. If organizations use cloud services, they should confirm that IT personnel have reviewed and implemented strong controls outlined in CISA’s guidance at cisa.gov/uscert/ncas/analysis-reports/ar21-013a. They can also sign up for CISA’s free cyberhygiene services at cisa.gov/cyber-hygiene-services.
• Taking steps to quickly detect a potential intrusion by ensuring that cybersecurity/IT personnel are focused on identifying and assessing unusual behavior and confirming that the entire network is protected by antivirus/anti-malware software with updated signatures.
• Ensuring that the organization is prepared to respond if an intrusion occurs by designating a crisis-response team, assuring that key personnel will be available in response to an incident and conducting a tabletop exercise to ensure that all crisis-response personnel understand their roles.
• Maximizing the organization’s resilience to a destructive cyberincident by testing backup procedures to ensure that critical data can be rapidly restored, ensuring that backups are isolated from network connections and conducting tests of manual controls to ensure that critical functions remain operable if the network is unavailable or untrusted.
• Having cybersecurity/IT personnel review CISA’s “Understanding and Mitigating Russian State-Sponsored Cyber Threats to U.S. Critical Infrastructure” at cisa.gov/uscert /ncas/alerts/aa22-011a. CISA also recommends organizations visit StopRansomware.gov, a centralized, whole-of-government webpage providing ransomware resources and alerts.
“We ask that organizations continue to secure their systems to minimize the impacts of an incident should one occur,” Pace said. “We are committed to building trust, growing partnerships, and collaboration at all levels of government, across civil society, and within our communities to combat all forms of cybersecurity attacks.”
The Office of Homeland Security requests any incidents or abnormal activity be reported through the Hawaii State Fusion Center at hsfc@hawaii .gov in addition to reporting to the Cybersecurity Infrastructure Security Agency by visiting us-cert.cisa.gov/report, emailing Central@cisa.dhs.gov or calling (888) 282-0870.
Incidents can also be reported to the FBI via the local field office or the FBI’s 24/7 CyWatch at (855) 292-3937 or CyWatch@fbi.gov. For more information on the Honolulu field office that covers the State of Hawaii, visit fbi.gov/contact-us/field-offices/honolulu.
The Hawaii State Fusion Center develops, produces and shares intelligence and other actionable information central to preventing and responding to cybersecurity incidents.