March 25, 2022
“Important Cyber Security Alert” from the MN Department of Commerce. Please make sure you are protecting your systems. Remember that the Big I MN has access to tools that can help you protect your data. CyberFin is a recommended source of protection for your agency. Beazley is our recommended cyber security policy. Here is a link to our resource page on Cyber
CYBERSECURITY ALERT: The call for increased vigilance in securing private and public sector digital systems
On February 24th, 2022, the Cybersecurity and Infrastructure Security Administration (CISA) issued a “Shields Up” warning following Russia’s invasion of Ukraine. On March 21, the White House published a “Statement by President Biden on our Nation’s Cybersecurity” reiterating intelligence community warnings that the Russian Government is exploring options for potential cyber attacks on US critical infrastructure. President Biden’s statement emphasizes the need for vigilance among private sector critical infrastructure stakeholders.

The Minnesota Legislature recently enacted a law that requires certain licensees related to the insurance industry to implement cybersecurity programs and to report cybersecurity events. State Statute 60A.9851 outlines the requirements for information security programs for specified licensees. These requirements reflect accepted industry security practices and provide a framework for entities of any size to better secure their digital information systems. The Minnesota Department of Commerce encourages licensees to use this framework to guide your heightened awareness and reminds non-exempted entities of your various reporting requirements under the law.

Heightened vigilance is in the best interest of all of us. As President Biden emphasized in his statement, cybersecurity must be a priority for all public and private sector stakeholders. Malicious actors are constantly probing the US private sector for vulnerabilities in their digital systems.

The Cybersecurity and Infrastructure Security Administration (CISA) recently issued Joint Cybersecurity Advisory CU-000146-MW “Indicators of Compromise Associated with AvosLocker Ransomware.” This warning identifies financial services, critical manufacturing and government facilities as the primary sector targets, but emphasizes the ability for attackers to affect systems in any sector and at any level. In the alert, CISA published recommended mitigations. The Minnesota Commerce Department recommends every licensee review these steps (copied below) and implement those which can best protect your business. Combined with the measures outlined in Minnesota’s information security statutes, all entities should be working to secure US and Minnesota critical infrastructure.

Recommended Mitigation Steps
  • Implement a recovery plan to maintain and retain multiple copies of sensitive or proprietary data and servers in a physically separate, segmented, and secure location (i.e., hard drive, storage device, the cloud).
  • Implement network segmentation and maintain offline backups of data to ensure limited interruption to the organization.
  • Regularly back up data, with password protection for backup copies offline. Ensure copies of critical data are not accessible for modification or deletion from the system where the data resides.
  • Install and regularly update antivirus software on all hosts and enable real time detection.
  • Install updates/patch operating systems, software, and firmware as soon as updates/patches are released.
  • Review domain controllers, servers, workstations, and active directories for new or unrecognized user accounts.
  • Audit user accounts with administrative privileges and configure access controls with least privilege in mind. Do not give all users administrative privileges.
  • Disable unused ports.
  • Consider adding an email banner to emails received from outside your organization.
  • Disable hyperlinks in received emails.
  • Use multifactor authentication where possible.
  • Use strong passwords and regularly change passwords to network systems and accounts, implementing the shortest acceptable timeframe for password changes. Avoid reusing passwords for multiple accounts.
  • Require administrator credentials to install software.
  • Only use secure networks and avoid using public Wi-Fi networks. Consider installing and using a VPN.
  • Focus on cyber security awareness and training. Regularly provide users with training on information security principles and techniques as well as overall emerging cybersecurity risks and vulnerabilities (i.e., ransomware and phishing scams).

For more information, tips, and best practices you can use to secure your network and train your people, please visit Shields Up | CISA.

Regulated entities can report a cybersecurity event at: Cyber Security Incident Reporting Form

Big I MN | P: 763-235-6460 | yourfriends@bigimn.org | bigimn.org