Log in
Register
Cyber Forum
More options
Toggle width
Share this page
Share this page
Share
Share
Cyber Forum
Log in
Register
More options
Toggle width
Share this page
Share this page
Share
Share
Menu
Install the app
Install
Home
CyberWeekly Podcast
Breaking News! Podcast
Cyber Risk Rating
Forums
New posts
Forum list
Trending
Leaderboards
News Feeds
Resources
Latest reviews
Sophos X-Ops Intelix
Threat Reports
Members
Current visitors
My.CompTIA
Help Documents
Preference Center
Forums
Security
Active Exploits Discussion/Recommendations
Concerns/Attacks Related to Geopolitical Tensions between Russia and Ukraine
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Reply to thread
Message
<blockquote data-quote="MJ Shoer" data-source="post: 2822" data-attributes="member: 3"><p><strong>Today, the CompTIA ISAO issued the following advisory. This thread is being opened for any discussion or necessary response related to this matter.</strong></p><p></p><table style='width: 100%' class=''><tr><td><p style="text-align: left">Dear CompTIA ISAO Member,<br /> <br /> We have heard a few members expressing concern about the increased tensions surrounding the potential for military conflict between Russia and Ukraine. Specifically, some members are rightly concerned that any armed conflict between these two nations could include cyberattacks against critical infrastructure, businesses, and even private citizens around the globe.<br /> <br /> I am writing today to let you know that the CompTIA ISAO shares these concerns, and we have been closely monitoring this situation for several weeks now. While we do not have any information, non-classified or classified, to indicate any specific threat to our members, we do believe that we all need to be in a significantly heightened state of alert and to closely monitor your networks and those of our customers and supply chain partners for any sign of suspicious activity.<br /> <br /> Recently my colleague and friend, Scott Algeier, executive director of the IT-ISAC, issued a statement to all IT-ISAC members. As you know, the CompTIA ISAO and IT-ISAC are partners, and as such, Scott and I have collaborated on a statement to members of the CompTIA ISAO. That statement follows:</p> </td></tr></table> <table style='width: 100%' class=''><tr><td><p style="text-align: left"></p> <p style="text-align: center"><strong>Joint Statement on Russia-Ukraine Geopolitical Tensions</strong></p> <br /> <p style="text-align: left"><br /> With the heightened geopolitical tensions around the world, specifically between Russia and Ukraine, we wanted to take a moment to state the obvious—companies must take immediate steps to review and, if necessary, upgrade their cybersecurity and to prepare for potential consequences that might result from a nation-state sponsored cyberattack.<br /> <br /> We cannot predict what will happen, but we know what has happened. Nation-state actors have a long history of attacking critical infrastructure, private enterprise, public institutions, and individual citizens. We regularly report on various nation-state actors who infiltrate supply chains, launch direct assaults, and steal core Intellectual Property.<br /> <br /> If these actors use their capabilities against the industry in times of peace, we need to be prepared for them to deploy these capabilities during a time of conflict. We must prepare for the likelihood that they will hit us even harder than they have in the past.<br /> <br /> The military and intelligence communities have a process called the "preparation of the battlefield." Those who served in the military know more about this exercise than we do. But essentially, the exercise looks at desired outcomes one would want to achieve and then walks backward from there to identify what information and actions were needed to get to that outcome. I need to know A, B, and C, to achieve Y.<br /> <br /> We must assume that our adversaries have done a “preparation of the battlefield” on us. For years these actors have been probing our defenses, understanding our interconnections, and learning our interdependencies.<br /> <br /> Companies should be prepared for:</p> <ul> <li data-xf-list-type="ul">Disruptive attacks on their corporate networks.</li> <li data-xf-list-type="ul">Disruptive attacks on customer networks they secure.</li> <li data-xf-list-type="ul">Disruptive attacks on the networks of critical partners or suppliers that impact their own business.</li> <li data-xf-list-type="ul">Disruptive attacks on the critical infrastructure sectors that have cascading impacts on their own company and the geographic locations in which they, their customers, and their employees live and work.</li> <li data-xf-list-type="ul">Disruptive attacks on platforms used by individual citizens around the world.</li> </ul> <p style="text-align: left">It is not our intent to be overly alarmist. We do not have access to any information as to timing or targets. However, some analysts suggest that the time for diplomacy is rapidly ending, and the likelihood of armed conflict is increasing. We are not predicting that a nation-state adversary will launch a significant cyberattack. But it is prudent to prepare and plan for the possibility of disruptive cyberattacks.<br /> <br /> As always, the CompTIA ISAO and the IT-ISAC teams will continue to provide updated reporting and share any new information we have with you. We encourage CompTIA ISAO members to continue with the strong, trusted collaboration that the <a href="https://nam02.safelinks.protection.outlook.com/?url=http%3A%2F%2Fcomptia-trans.informz.net%2Fz%2FcjUucD9taT04NjM0NDIxJnA9MSZ1PTk0MjAxMTE4MiZsaT03NTAyOTM5MA%2Findex.html&data=04%7C01%7Cmjshoer%40comptia.org%7Cf95c323fbb274da3e68808d9eda652e6%7C8c39a7ffe0774d1c9a1c7431fe5eb465%7C0%7C0%7C637802120880919463%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=w9GTWJyyFmk%2BU7d3KKfQNclbn7wbU7lezQ8wUFabDPA%3D&reserved=0" target="_blank"><strong>Cyber Forum</strong></a> allows us to participate in. To that end, we are opening a thread in the <a href="https://nam02.safelinks.protection.outlook.com/?url=http%3A%2F%2Fcomptia-trans.informz.net%2Fz%2FcjUucD9taT04NjM0NDIxJnA9MSZ1PTk0MjAxMTE4MiZsaT03NTAyOTM5MQ%2Findex.html&data=04%7C01%7Cmjshoer%40comptia.org%7Cf95c323fbb274da3e68808d9eda652e6%7C8c39a7ffe0774d1c9a1c7431fe5eb465%7C0%7C0%7C637802120880919463%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=%2FmNmH%2FCz2zqh4vjpOV8Sdwr6boJVNsGy9H3JbTi68q8%3D&reserved=0" target="_blank"><strong>Active Exploits Discussion/Recommendations</strong></a> forum today, which we will keep open until the current geopolitical tension around Russia and Ukraine resolve to a significant extent. Please post your concerns, questions, and any helpful information you may come across that may help others in this forum. If you detect new phishing or unusual behavior on the networks you manage, please post your findings to the <a href="https://nam02.safelinks.protection.outlook.com/?url=http%3A%2F%2Fcomptia-trans.informz.net%2Fz%2FcjUucD9taT04NjM0NDIxJnA9MSZ1PTk0MjAxMTE4MiZsaT03NTAyOTM5Mw%2Findex.html&data=04%7C01%7Cmjshoer%40comptia.org%7Cf95c323fbb274da3e68808d9eda652e6%7C8c39a7ffe0774d1c9a1c7431fe5eb465%7C0%7C0%7C637802120880919463%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=kvTc4wTQPCwqRWGjSXhxB39CwAbFNYUPDg0VF%2F6uGwY%3D&reserved=0" target="_blank"><strong>Threat Submissions</strong></a> forum so our analysts may immediately investigate and report back.<br /> <br /> As always, thank you for being an engaged member of the CompTIA ISAO.</p> </td></tr></table> <table style='width: 100%' class=''><tr><td><p style="text-align: left"></p> <table style='width: 100%' class=''><tr><th><table style='width: 100%' class=''><tr><td><img src="https://images.informz.net/Static/spacer-long.png" alt="" class="fr-fic fr-dii fr-draggable " style="" /></td></tr><tr><td><table style='width: 100%' class=''><tr><td><p style="text-align: center"><br /> <img src="https://comptia-trans.informz.net/comptia-trans/data/images/CompTIAISAO%20copy%202.png?cb=536662" alt="" class="fr-fic fr-dii fr-draggable " style="" /></p> </td></tr><tr><td></td></tr></table><table style='width: 100%' class=''><tr><td><p style="text-align: left">MJ Shoer<br /> <strong>Chief Community Officer,<br /> Executive Director,<br /> CompTIA ISAO</strong></p> </td></tr></table></td></tr></table></th><th><table style='width: 100%' class=''><tr><td><img src="https://images.informz.net/Static/spacer-long.png" alt="" class="fr-fic fr-dii fr-draggable " style="" /></td></tr><tr><td><table style='width: 100%' class=''><tr><td><p style="text-align: center">[ATTACH=full]809[/ATTACH]</p> </td></tr><tr><td></td></tr></table><table style='width: 100%' class=''><tr><td><p style="text-align: left"><br /> Scott Algeier<br /> <strong>Executive Director,<br /> IT-ISAC</strong></p> </td></tr></table></td></tr></table></th></tr></table></td></tr></table></blockquote><p></p>
[QUOTE="MJ Shoer, post: 2822, member: 3"] [B]Today, the CompTIA ISAO issued the following advisory. This thread is being opened for any discussion or necessary response related to this matter.[/B] [TABLE] [TR] [TD][LEFT]Dear CompTIA ISAO Member, We have heard a few members expressing concern about the increased tensions surrounding the potential for military conflict between Russia and Ukraine. Specifically, some members are rightly concerned that any armed conflict between these two nations could include cyberattacks against critical infrastructure, businesses, and even private citizens around the globe. I am writing today to let you know that the CompTIA ISAO shares these concerns, and we have been closely monitoring this situation for several weeks now. While we do not have any information, non-classified or classified, to indicate any specific threat to our members, we do believe that we all need to be in a significantly heightened state of alert and to closely monitor your networks and those of our customers and supply chain partners for any sign of suspicious activity. Recently my colleague and friend, Scott Algeier, executive director of the IT-ISAC, issued a statement to all IT-ISAC members. As you know, the CompTIA ISAO and IT-ISAC are partners, and as such, Scott and I have collaborated on a statement to members of the CompTIA ISAO. That statement follows:[/LEFT][/TD] [/TR] [/TABLE] [TABLE] [TR] [TD][LEFT][/LEFT] [CENTER][B]Joint Statement on Russia-Ukraine Geopolitical Tensions[/B][/CENTER] [LEFT] With the heightened geopolitical tensions around the world, specifically between Russia and Ukraine, we wanted to take a moment to state the obvious—companies must take immediate steps to review and, if necessary, upgrade their cybersecurity and to prepare for potential consequences that might result from a nation-state sponsored cyberattack. We cannot predict what will happen, but we know what has happened. Nation-state actors have a long history of attacking critical infrastructure, private enterprise, public institutions, and individual citizens. We regularly report on various nation-state actors who infiltrate supply chains, launch direct assaults, and steal core Intellectual Property. If these actors use their capabilities against the industry in times of peace, we need to be prepared for them to deploy these capabilities during a time of conflict. We must prepare for the likelihood that they will hit us even harder than they have in the past. The military and intelligence communities have a process called the "preparation of the battlefield." Those who served in the military know more about this exercise than we do. But essentially, the exercise looks at desired outcomes one would want to achieve and then walks backward from there to identify what information and actions were needed to get to that outcome. I need to know A, B, and C, to achieve Y. We must assume that our adversaries have done a “preparation of the battlefield” on us. For years these actors have been probing our defenses, understanding our interconnections, and learning our interdependencies. Companies should be prepared for:[/LEFT] [LIST] [*]Disruptive attacks on their corporate networks. [*]Disruptive attacks on customer networks they secure. [*]Disruptive attacks on the networks of critical partners or suppliers that impact their own business. [*]Disruptive attacks on the critical infrastructure sectors that have cascading impacts on their own company and the geographic locations in which they, their customers, and their employees live and work. [*]Disruptive attacks on platforms used by individual citizens around the world. [/LIST] [LEFT]It is not our intent to be overly alarmist. We do not have access to any information as to timing or targets. However, some analysts suggest that the time for diplomacy is rapidly ending, and the likelihood of armed conflict is increasing. We are not predicting that a nation-state adversary will launch a significant cyberattack. But it is prudent to prepare and plan for the possibility of disruptive cyberattacks. As always, the CompTIA ISAO and the IT-ISAC teams will continue to provide updated reporting and share any new information we have with you. We encourage CompTIA ISAO members to continue with the strong, trusted collaboration that the [URL='https://nam02.safelinks.protection.outlook.com/?url=http%3A%2F%2Fcomptia-trans.informz.net%2Fz%2FcjUucD9taT04NjM0NDIxJnA9MSZ1PTk0MjAxMTE4MiZsaT03NTAyOTM5MA%2Findex.html&data=04%7C01%7Cmjshoer%40comptia.org%7Cf95c323fbb274da3e68808d9eda652e6%7C8c39a7ffe0774d1c9a1c7431fe5eb465%7C0%7C0%7C637802120880919463%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=w9GTWJyyFmk%2BU7d3KKfQNclbn7wbU7lezQ8wUFabDPA%3D&reserved=0'][B]Cyber Forum[/B][/URL] allows us to participate in. To that end, we are opening a thread in the [URL='https://nam02.safelinks.protection.outlook.com/?url=http%3A%2F%2Fcomptia-trans.informz.net%2Fz%2FcjUucD9taT04NjM0NDIxJnA9MSZ1PTk0MjAxMTE4MiZsaT03NTAyOTM5MQ%2Findex.html&data=04%7C01%7Cmjshoer%40comptia.org%7Cf95c323fbb274da3e68808d9eda652e6%7C8c39a7ffe0774d1c9a1c7431fe5eb465%7C0%7C0%7C637802120880919463%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=%2FmNmH%2FCz2zqh4vjpOV8Sdwr6boJVNsGy9H3JbTi68q8%3D&reserved=0'][B]Active Exploits Discussion/Recommendations[/B][/URL] forum today, which we will keep open until the current geopolitical tension around Russia and Ukraine resolve to a significant extent. Please post your concerns, questions, and any helpful information you may come across that may help others in this forum. If you detect new phishing or unusual behavior on the networks you manage, please post your findings to the [URL='https://nam02.safelinks.protection.outlook.com/?url=http%3A%2F%2Fcomptia-trans.informz.net%2Fz%2FcjUucD9taT04NjM0NDIxJnA9MSZ1PTk0MjAxMTE4MiZsaT03NTAyOTM5Mw%2Findex.html&data=04%7C01%7Cmjshoer%40comptia.org%7Cf95c323fbb274da3e68808d9eda652e6%7C8c39a7ffe0774d1c9a1c7431fe5eb465%7C0%7C0%7C637802120880919463%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=kvTc4wTQPCwqRWGjSXhxB39CwAbFNYUPDg0VF%2F6uGwY%3D&reserved=0'][B]Threat Submissions[/B][/URL] forum so our analysts may immediately investigate and report back. As always, thank you for being an engaged member of the CompTIA ISAO.[/LEFT][/TD] [/TR] [/TABLE] [TABLE] [TR] [TD][LEFT][/LEFT] [TABLE] [TR] [TH][TABLE] [TR] [TD][IMG]https://images.informz.net/Static/spacer-long.png[/IMG][/TD] [/TR] [TR] [TD][TABLE] [TR] [TD][CENTER] [IMG]https://comptia-trans.informz.net/comptia-trans/data/images/CompTIAISAO%20copy%202.png?cb=536662[/IMG][/CENTER][/TD] [/TR] [TR] [TD][/TD] [/TR] [/TABLE] [TABLE] [TR] [TD][LEFT]MJ Shoer [B]Chief Community Officer, Executive Director, CompTIA ISAO[/B][/LEFT][/TD] [/TR] [/TABLE][/TD] [/TR] [/TABLE][/TH] [TH][TABLE] [TR] [TD][IMG]https://images.informz.net/Static/spacer-long.png[/IMG][/TD] [/TR] [TR] [TD][TABLE] [TR] [TD][CENTER][ATTACH type="full" width="301px"]809[/ATTACH][/CENTER][/TD] [/TR] [TR] [TD][/TD] [/TR] [/TABLE] [TABLE] [TR] [TD][LEFT] Scott Algeier [B]Executive Director, IT-ISAC[/B][/LEFT][/TD] [/TR] [/TABLE][/TD] [/TR] [/TABLE][/TH] [/TR] [/TABLE][/TD] [/TR] [/TABLE] [/QUOTE]
Name
Verification
Post reply
Forums
Security
Active Exploits Discussion/Recommendations
Concerns/Attacks Related to Geopolitical Tensions between Russia and Ukraine
Top
Bottom
Home
Forums
Threat Reports
My.CompTIA
Menu