Skip to content
Human hand holding phone to approve a challenge for multi-factor authentication

Cyber Preparedness: Shields Up

Cyber preparedness is a topic that has been trending over the last several weeks as the U.S. Government encourages agencies to prepare for potential cyber-attacks.

As Russia continues to strike Ukrainian cities, the U.S. Government is encouraging organizations of all sizes to be prepared to respond to disruptive cyber activity.

The Cybersecurity and Infrastructure Security Agency has announced a Shields Up campaign, to raise awareness of Russian hacking as tensions around Ukraine escalate. Shield Ups' goal is to provide resources to businesses to ward off cyberattacks.

“While there are no specific or credible cyber threats to the U.S. homeland at this time, Russia’s unprovoked attack on Ukraine, which has involved cyber-attacks on Ukrainian government and critical infrastructure organizations, may impact organizations both within and beyond the region, particularly in the wake of sanctions imposed by the United States and our Allies.”

While the primary concern is to protect vital infrastructure from attacks, the guidance provided by CISA Shield Up is still relevant for private businesses as well. Cyberattacks by threat actors are on the rise, and despite the resources available to them, cybercriminals often rely on the most simple of strategies to steal or guess passwords to access victims' accounts. Spear-phishing, social engineering, and phishing toolkits are also among some of the most utilized tools for state-sponsored cyberattacks.


Use Strong Password Protection and Authentication

It is no surprise that CISA’s Shield Up Campaign’s first recommendation is focused on MFA. “Validate that all remote access to the organization’s network and privileged or administrative access requires multi-factor authentication” is the guidance to reduce the likelihood of a damaging cyber intrusion.

Enabling MFA is not just a recommendation for businesses; Shield Up also suggests that individuals implement MFA as one simple step towards improving their cyber hygiene.

“A password isn’t enough to keep you safe online. By implementing a second layer of identification, like a confirmation text message or email, a code from an authentication app, a fingerprint or Face ID, or best yet, a FIDO key, you’re giving your bank, email provider, or any other site you’re logging into the confidence that it really is you. Multi-factor authentication can make you 99% less likely to get hacked. So enable multi-factor authentication on your email, social media, online shopping, financial services accounts. And don’t forget your gaming and streaming entertainment services!” -CIAS, Shield Up Program

While implementing multi-factor authentication may seem like a common-sense best practice, according to Cyber Signals, only 22% of customers using Microsoft Azure Active Directory (Azure AD) have implemented strong identity authentication protection. 83 million attacks were recorded between November 26 and December 31, 2021, showing that there is a clear and daunting difference in the scale of identity-focused attacks and general preparedness to defend against such attacks.

More from the Blog

August 7, 2020

Garmin one of the latest companies to be hit by increasing ransomware attacks

Garmin was recently the victim of a WastedLocker ransomware attack that took a majority of its systems offline....
October 15, 2020

Lost your 2FA device? Continuous Authentication can help

Since the world went remote in response to COVID19, companies are more vulnerable than ever and attacks are up by 667%....
December 14, 2021

Human Error is a Bigger MFA Security Risk Than You Think

Nobelium, the Russian cyber group that was responsible for executing the Solarwinds attack is at it again, and this...

Sign Up for our Blog

We will never share your email address with third parties.