Threat actors are likely to intensify their attempts to disrupt the operation of information and communication systems of public authorities as well as enterprises, institutions, and organizations of any form of ownership during the winter holidays.
If you have noticed any signs of a cyberattack or abnormal activity in your information systems, please report them IMMEDIATELY to:
Computer Emergency Response Team of Ukraine (CERT-UA)
e-mail: cert@cert.gov.ua;
phone: (044) 281-88-05 or (044) 281-88-25;
Facebook page: https://www.facebook.com/UACERT;
reporting form on the website: https://cert.gov.ua/contact-us
Cyber Incident Response Operations Center
e-mail: soc@cert.gov.ua;
phone: (044) 281-87-37
Operation and Technical Unit of the State Cyber Protection Center
phone: (044) 281-88-01
The following steps are RECOMMENDED to prevent and mitigate the impact of possible unauthorized interference attempts on the operation of information systems:
ensure the on-site presence of system administrators (security administrators) throughout the holiday period;
ensure information security event monitoring;
identify persons in charge of cyber incident response in cooperation with the State Cyber Protection Center;
create a team of IT (information security) specialists to respond to computer emergencies;
brief all employees who have access to information systems during the winter holidays on compliance with information security policies (cyber hygiene rules), focusing on the use of online and email resources and the proper response to phishing messages;
make backup copies of critical (essential) information resources and save them to separate data storage facilities;
upgrade operating systems and software products to their latest available versions;
enable all the available event logging features and ensure the logs are saved to a separate drive;
check and enable antivirus protection, update the signature database of the antivirus software used;
scan the online information resources for vulnerabilities on your own or contact the State Cyber Protection Center;
remove any vulnerabilities in your information systems;
disable remote access to your information systems; or
revise the list of employees authorized to access your information systems remotely during the winter holidays, establish maximum limitations (filtering by IPs, protocols, access time, users, etc.);
use only highly secure remote access methods and protocols, with an appropriate level of encryption, to administer information systems and resources;
use strong passwords and set up multi-factor authentication;
disable online access to software and OS versions that are no longer supported by the manufacturer or whose operation is inessential during the holiday period;
shut down all the services and information systems that are not to be used during the holiday period...
Useful links:
General Recommendations for Malware Effect Mitigation