CISA Red Team Simulates Cyberattack Against Critical Infrastructure Organization

A Cybersecurity and Infrastructure Security Agency red team recently tested the cyber defenses of an unnamed critical infrastructure organization using commonly used attack methods.

According to a CISA advisory, the red team sent emails to seven targets containing links to a fraudulent virtual meeting invite. Two of the targets clicked the links, allowing the installation of malicious software that the red team used to access workstations and move laterally to infiltrate critical systems and obtain sensitive data.

The simulated cyberattack was conducted as CISA calls on Congress to pass new legislation that would make technology manufacturers liable for security flaws in their technology products and networks and establish enhanced software care standards in specific critical infrastructure industries, FCW reported.

In a recent speech at Carnegie Mellon University, CISA Director Jen Easterly, a two-time Wash100 award winner, urge organizations to adopt multifactor authentication and other cybersecurity tools to improve their cyber defenses and be transparent in the cyber practices and controls they implement similar to Apple, Twitter and Microsoft’s disclosure of their MFA adoption rates.

The CISA advisory noted that MFA blocked the red team’s attempt to gain access to sensitive business systems.

Securing critical systems is a priority for the Biden administration in view of the rising cyberattacks and cybercrime stemming from Russia’s military aggression against Ukraine. The White House released a national cybersecurity strategy on Thursday that involves improving the cybersecurity of critical infrastructure companies, establishing a national cyber workforce and would hold large companies accountable for failing to secure their software and shifting the burden of cybersecurity from individuals and small businesses to organizations best equipped to mitigate cyber risks.