On February 7, 2024, the National Security Agency (NSA), Cybersecurity and Infrastructure Security Agency (CISA), and FBI released a cybersecurity advisory stating that in the event of a major crisis or conflict with the U.S., “People’s Republic of China (PRC) state-sponsored cyber actors are seeking to pre-position themselves on IT networks for disruptive or destructive cyberattacks against U.S. critical infrastructure.”
To help mitigate this activity today, organizations should:
- Apply patches for internet-facing systems.
- Implement phishing-resistant multifactor authentication (MFA).
- Ensure logging is turned on, reviewed, and triaged for application, access, and security logs.
The Perspective From Forvis Mazars
State-sponsored threat actors continue to be a significant threat and they can take years to fully exploit an organization—they can be very patient.
Cyberthreat intelligence and intrusion detection continue to be top priorities for all organizations. It is imperative that organizations continue to invest and improve these components of their overall cybersecurity architecture and programming. Chief information security officers (CISOs) need to be diligent in maintaining and testing their cyber resiliency, incident response processes and capabilities, and vulnerability management.
For the full advisory details, visit cisa.gov. If you have any questions or need assistance, reach out to a professional at Forvis Mazars.