CISA Red Team Shares Key Findings to Improve Monitoring and Hardening of Networks

Today, CISA released a Cybersecurity Advisory, CISA Red Team Shares Key Findings to Improve Monitoring and Hardening of Networks. This advisory describes a red team assessment of a large critical infrastructure organization with a mature cyber posture. CISA is releasing this Cybersecurity Advisory (CSA) detailing the red team’s tactics, techniques, and procedures (TTPs) and key findings to provide network defenders proactive steps to reduce the threat of similar activity from malicious cyber actors. 

  

As detailed in the advisory, the CISA red team obtained persistent access to the organization’s network, moved laterally across multiple geographically separated sites, and gained access to systems adjacent to the organization’s sensitive business systems. This cybersecurity advisory highlights the importance of early detection and continual monitoring of cyber assets.  

  

CISA encourages critical infrastructure organizations to apply the recommendations in the Mitigations section of this CSA to ensure security processes and procedures are up to date, effective, and enable timely detection and early mitigation of malicious activity.

Please share your thoughts. We recently updated our anonymous Product Feedback Survey and we'd welcome your feedback.