The US Cybersecurity and Infrastructure Security Agency (CISA) has partnered with the Department of Homeland Security (DHS), the Federal Bureau of Investigation (FBI) and several international cybersecurity bodies to release a new guide aimed at mitigating cyber-threats for civil society.
The publication Mitigating Cyber Threats with Limited Resources: Guidance for Civil Society is designed to provide high-risk communities with actionable steps to bolster their cybersecurity defenses.
It specifically targets civil society organizations such as nonprofits, advocacy groups, cultural and faith-based institutions, academic bodies, think tanks, journalists, dissidents and diaspora organizations, which are often at risk of cyber intrusions by state-sponsored actors.
According to the guidelines, state-sponsored cyber-threats, primarily emanating from nations like Russia, China, Iran and North Korea, pose significant risks to these communities. These actors typically engage in extensive reconnaissance to gather information, using tactics such as social engineering and deploying spyware to monitor and harass their targets.
The new guidance addresses these risks by recommending both preventive measures and best practices that civil society organizations can implement to protect their digital infrastructure.
In particular, the guide underscores the importance of keeping software updated, implementing phishing-resistant multi-factor authentication, auditing and disabling unused accounts, and applying the principle of least privilege to minimize access vulnerabilities.
Additionally, it calls on software manufacturers to adopt and commit to secure-by-design practices, emphasizing that cybersecurity should be built into the development process rather than being an afterthought.
The guidance also highlights the necessity for civil society organizations to engage in basic cybersecurity training, exercise due diligence when selecting vendors and develop comprehensive incident response and recovery plans.
For individual members of civil society, the guide recommends using strong passwords, limiting publicly available personal information and being vigilant against social engineering tactics. The use of encryption to protect communications is also strongly advised.
The research and recommendations included in this guide are part of a broader initiative to enhance the digital security of high-risk communities, ensuring they can continue their critical work without the constant threat of cyber intrusions.