CONFERENCE Cyber AI & Automation Summit - Watch Sessions
Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cyberwarfare

CISA Warns Critical Infrastructure Organizations of Foreign Influence Operations

Newly published guidance from the United States Cybersecurity and Infrastructure Security Agency (CISA) provides critical infrastructure organizations with instructions on how to prepare for and mitigate foreign influence operations.

Newly published guidance from the United States Cybersecurity and Infrastructure Security Agency (CISA) provides critical infrastructure organizations with instructions on how to prepare for and mitigate foreign influence operations.

Leveraging misinformation, disinformation, and malinformation (MDM), along with other tactics, foreign influence operations are meant to undermine trust in critical infrastructure, disrupt markets, sow discord, and undermine the security of the US and its allies.

When promoted consistently and reinforced by individuals with influence, MDM narratives may have amplified effects, especially when targeting National Critical Functions (NCFs) and critical infrastructure.

Foreign influence operations targeting US audiences in recent years have been paired with cyberattacks to create confusion and anxiety and, in the light of increased tensions between Russia and Ukraine, critical infrastructure organizations are potentially at risk of being targeted in similar operations.

“Recently observed foreign influence operations abroad demonstrate that foreign governments and related actors have the capability to quickly employ sophisticated influence techniques to target U.S. audiences with the goal to disrupt U.S. critical infrastructure and undermine U.S. interests and authorities,” CISA notes.

[READ: Lawmakers Introduce Combined Bill for Strengthening Critical Infrastructure Security]

CISA’s guidance is meant to help critical infrastructure organizations better understand the risks associated with influence operations conducted on social media and other online platforms, and instructs them on the steps they can take internally to improve their resilience.

All organizations, the agency says, should evaluate previously observed MDM narratives targeting their sectors, learn about the sources of information their stakeholders and customers use, map communication channels with key stakeholders, and keep an eye for any change in online activity related to their sectors.

Advertisement. Scroll to continue reading.

Furthermore, organizations should identify any vulnerabilities that an MDM actor may exploit, and should educate their employees to secure their social media accounts using multi-factor authentication and to practice smart email hygiene.

“Malicious actors can use hacking and other cyber activities as part of influence operations. Hijacking accounts and defacing public facing sites can be used to influence public opinion. Organizations should be aware of cyber risks and take action to reduce the likelihood and impact of a potentially damaging compromise,” CISA notes.

Additionally, the agency recommends that organizations establish clear communication channels with their stakeholders, that they make information available on their websites as clear as possible, and that they review their social media presence and access privileges for social media accounts.

CISA also notes that decision makers should engage in active communication with other entities in their sector to build a trusted network and that they should develop an MDM incident response process to be prepared for mitigating any influence operation that is combined with cyber activities targeting their organization.

“In today’s information environment, critical infrastructure owners and operators must play a proactive role in responding to MDM. While each MDM narrative will differ, the TRUST model for incident response can help reduce risk and protect stakeholders,” CISA says.

Related: FBI Warns of BlackByte Ransomware Attacks on Critical Infrastructure

Related: Ransomware Targeted 14 of 16 U.S. Critical Infrastructure Sectors in 2021

Related: University Project Cataloged 1,100 Ransomware Attacks on Critical Infrastructure

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Don’t miss this Live Attack demonstration to learn how hackers operate and gain the knowledge to strengthen your defenses.

Register

Join us as we share best practices for uncovering risks and determining next steps when vetting external resources, implementing solutions, and procuring post-installation support.

Register

People on the Move

Shanta Kohli has been named CMO at Sysdig.

Cloud security firm Sysdig has appointed Sergej Epp as CISO.

F5 has appointed John Maddison as Chief Product Marketing and Technology Alliances Officer.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.