The Russian government has issued cybersecurity guidance to businesses in the country after claiming they are at risk of US reprisals for the recent SolarWinds attacks.
The alert came late last week from the National Coordination Center for Computer Incidents (NKTsKI), an agency created in 2018 by KGB successor the Federal Security Service (FSB).
It claimed the Biden administration had threatened to carry out retaliatory attacks on Russian critical infrastructure following the large-scale cyber-espionage campaign experts say the Kremlin has waged on US government and other organizations over the past year.
In fact, Biden’s press secretary had done little but repeat previous statements that the US reserves the right to “respond at a time and manner of our choosing to any cyber-attack.”
The 15-point plan issued by NKTsKI features some pretty basic advice including updating incident response plans, correctly configuring security tools, training users how to spot phishing, avoiding third-party DNS servers and using multi-factor authentication.
Also on there are: application controls, firewalls, updated passwords, email security and prompt patching.
The US finally blamed Russia for the SolarWinds attacks earlier this month, after it emerged that Kremlin-sponsored operatives had performed a major spying operation on government departments including the Department of Justice, the State Department and the Treasury.
President Biden now has the tricky geopolitical task of seeking cooperation with Russia over arms treaties but a way to punish the Kremlin for this cyber-attack and other pressing issues.
Reports suggest he has tasked the intelligence community with investigating four key areas: the SolarWinds attack, possible interference in the 2020 election, efforts to muzzle Russian opposition leader Alexei Navalny, and a bounty program to pay Taliban fighters in Afghanistan for killing US troops.