We often want to approach IT security from a detached and somewhat clinical position, evaluating threats and vulnerabilities with an objective logic devoid of an understanding of the motivations employed by the cyber criminals involved. Now is not the time to take that approach to IT security.
Our nation faces a very real and immediate threat in the form of cyberattacks from foreign nations motivated by anger and revenge. As IT security professionals, we cannot prepare and defend our networks and computer resources in a vacuum. We must remain aware of the sociopolitical situation in order to understand the potential nature of the attacks to come and timing of those attacks relative to political decisions and military actions taking place around the world.
Financial institutions has begun to receive alerts from the Federal Reserve based on information provided by the Department of Homeland Security concerning potential threats from Iran and Iranian proxies motivated to disrupt networks, services and social feeds in the United States. Specific IP address information is being provided as a first step to content filtering and threat identification.
Please remain diligent in your defensive posture during this period of immanent threats. Educate your users as to the situation and the possibility of social engineering attacks associated with these threats. Stay abreast of the situation and monitor multiple news sources. Be cognizant of the fact that a week from now, Windows 7 and Windows Server 2008 will reach end of life and security patching for those products will cease. Devices running those operating systems will, for all practical purposes, have large targets painted on their chassis. If you find yourself with devices that you have not been able to update yet, take steps to properly isolate these devices and restrict access to the Internet.
Now is not the time to assume that you or your organization will not be a target. Be prepared and aware.