State urges ‘heightened posture’ regarding cybersecurity

HONOLULU — In the wake of continued geopolitical tensions and related cybersecurity attacks affecting Ukraine and other countries in the region, the Hawaii Office of Homeland Security has been working hand-in-hand with its partners to identify and rapidly share information about cybersecurity threats that could threaten the operations of critical infrastructure in Hawaii.

State, local and private-sector partners in the state, as well as local and nationally based federal partners, are all working together to help organizations reduce their cyber risk, the HOHS said in a news release.

“While there is no specific, credible threat to Hawaii at this time, we encourage all organizations — regardless of size — to heed the U.S. Department of Homeland Security’s recommendations and adopt a heightened posture when it comes to cybersecurity and protecting their most critical assets,” said Frank Pace, administrator of the HOHS.

The office requests any incidents or abnormal activity related to this advisory be reported through the Hawaii State Fusion Center at hsfc@hawaii.gov, in addition to reporting to Cybersecurity Infrastructure Security Agency (CISA) at https://us-cert.cisa.gov/report, Central@cisa.dhs.gov, or 888-282-0870, and/or to the FBI via your local FBI field office, or the FBI’s 24/7 CyWatch at 855-292-3937 or CyWatch@fbi.gov.

The Hawaii State Fusion Center develops, produces and shares intelligence and other actionable information central to preventing cybersecurity incidents, as well as responding to those that do occur.

The federal cybersecurity recommendations are as follows.

• Reduce the likelihood of a damaging cyber intrusion by keeping your networks secure, ensuring software is up to date by prioritizing updates that address known exploited vulnerabilities identified by CISA, and confirming with IT that all nonessential ports and protocols have been disabled. If your organization uses cloud services, confirm that IT personnel have reviewed and implemented strong controls outlined in CISA’s guidance. Make sure to also sign up for CISA’s free cyber hygiene services.

• Take steps to quickly detect a potential intrusion by ensuring that cybersecurity/IT personnel are focused on identifying and assessing unusual behavior and confirming that your entire network is protected by antivirus/antimalware software with updated signatures.

• Ensure that the organization is prepared to respond if an intrusion occurs by designating a crisis-response team, assuring that key personnel will be available in response to an incident, and conducting a tabletop exercise to ensure that all crisis-response personnel understand their roles.

• Maximize the organization’s resilience to a destructive cyber incident by testing backup procedures to ensure that critical data can be rapidly restored, ensuring that backups are isolated from network connections, and conducting tests of manual controls to ensure that critical functions remain operable if the network is unavailable or untrusted.

• CISA urges cybersecurity/IT personnel at every organization to review “Understanding and Mitigating Russian State-Sponsored Cyber Threats to U.S. Critical Infrastructure” (www.cisa.gov/uscert/ncas/alerts/aa22-011a).

CISA also recommends organizations visit StopRansomware.gov, a centralized, whole-of-government webpage providing ransomware resources and alerts.