The Illinois Chamber hosted a virtual meeting with presentations by Cyber Security and Infrastructure Agency (CISA) Regional Director Alexander Joves and, FBI Special Agent Eric Brelsford.
Key takeaways from the meeting are that the threats are real, likely to increase, and businesses must plan for the worst.
Detection, Response and creating a Resilient layered security plan will reduce the likelihood of intrusion. No system is 100% and therefore, a planned response should be in place should an intrusion occur.
Resources that are available to help guide small businesses with few or no in-house technical staff as well as those with a full-time Chief Information Security Officer (CISO) are:
CISA/Sheilds-Up
IC3.GOV
EC3.GOV/Home/Ransomware
Remember, intrusions generally happen during off-peak hours, after midnight, and on weekends when the likelihood of an employee observing suspicious activity is low. To combat this, Intrusion detection software can be installed and potentially alert you to an intrusion and trigger a predetermined system response.
The mission of the Internet Crime Complaint Center is to provide the public with a reliable and convenient reporting mechanism to submit information to the Federal Bureau of Investigation concerning suspected Internet-facilitated criminal activity and to develop effective alliances with law enforcement and industry partners. Information is analyzed and disseminated for investigative and intelligence purposes to law enforcement and for public awareness.
The Cybersecurity and Infrastructure Security Agency (CISA) leads the national effort to understand, manage, and reduce risk to our cyber and physical infrastructure. We connect our stakeholders in industry and government to each other and to resources, analyses, and tools to help them build their own cyber, communications, and physical security and resilience, in turn helping to ensure a secure and resilient infrastructure for the American people.
InfraGard is a partnership between the Federal Bureau of Investigation (FBI) and members of the private sector for the protection of U.S. Critical Infrastructure to the FBI, to provide education, information sharing, networking, and workshops on emerging technologies and threats. InfraGard's membership includes: business executives, entrepreneurs, lawyers, security personnel, military and government officials, IT professionals, academia and state and local law enforcement - all dedicated to contributing industry-specific insight and advancing national security.
Russia’s invasion of Ukraine could impact organizations both within and beyond the region, to include malicious cyber activity against the U.S. homeland, including as a response to the unprecedented economic costs imposed on Russia by the U.S. and our allies and partners. Evolving intelligence indicates that the Russian Government is exploring options for potential cyberattacks. Every organization—large and small—must be prepared to respond to disruptive cyber incidents. As the nation’s cyber defense agency, CISA stands ready to help organizations prepare for, respond to, and mitigate the impact of cyberattacks. When cyber incidents are reported quickly, we can use this information to render assistance and as warning to prevent other organizations and entities from falling victim to a similar attack. Ransomware - What It Is & What To Do About It Guide.
Ransomware is a type of malicious software, or malware, that encrypts data on a computer making it unusable. A malicious cyber criminal holds the data hostage until the ransom is paid. If the ransom is not paid, the victim's data remains unavailable. Cyber criminals my also pressure victims to pay the ransom by threatening to destroy the victim's data or release it to the public.
Your Ransomware Response Guide.
Ransomware Prevention Best Practices & Considerations.
Filing a Ransomware Complaint with FBI.
Email phishing campaigns: The cyber criminal sends an email containing a malicious file or link, which deploys malware when clicked by a recipient. Cyber criminals historically have used generic, broad-based spamming strategies to deploy their malware, though recent ransomware campaigns have been more targeted and sophisticated. Criminals may also compromise a victim's email account by using precursor malware, which enables the cyber criminal to use a victim's email account to further spread the infection.
Cyber Essentials for Your Team.
Your Incident and Vulnerability Response Playbook.
CISA recommends all organizations—regardless of size—adopt a heightened posture when it comes to cybersecurity and protecting their most critical assets. Recognizing that many organizations find it challenging to identify resources for urgent security improvements, we’ve compiled free cybersecurity services and tools from government partners, and industry to assist.
Today’s globally interconnected world presents a wide array of serious risks and threats to critical infrastructure, systems, assets, functions, and citizens. Given the dynamic threat landscape and significant developments in global cybersecurity and related policies, the U.S. government must remain fully engaged to shape an environment that will preserve our national security interests, economic security interests, and competitiveness into the future.
Known Exploited Vulnerabilities.
What You Can Do to Protect Keep Yourself Cyber Safe.
Reduce The Risks of a Successful Cyber Attack.
The mission of the Federal Bureau of Investigation (FBI) is to protect the American people and uphold the U.S. Constitution. InfraGard is a unique partnership between the FBI and the private sector for the protection of U.S. critical infrastructure and the American people. As one of the nation’s largest public/private partnerships, InfraGard connects critical infrastructure owners, operators, and stakeholders with the FBI to provide education, networking, and information-sharing on security threats and risks. Critical infrastructures are those systems and assets – whether physical or virtual – that are considered so vital to the United States that their incapacitation or destruction would have a debilitating effect on national economic security, national public health or safety, or any combination thereof.
5 Urgent Cyber-Secruity Actions for Executives.
Protect Your Business With Member Cloud Cover & or InfraGard.
Your Ransomware Response & Checklist.
Scams & Safety webpage.
Prepare for a Cyber Attack.
Internet Crime Report 2021
Congresswoman Underwood co-hosted a cybersecurity briefing with Illinois Chamber of Commerce, the Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigations (FBI) to help Illinois businesses prevent, identify and respond to malicious cyber activity. This briefing comes at a time when American companies face increased risk of cyber attacks associated with Putin’s invasion of Ukraine.