In their 2021 Threat Landscape Report, ENISA, the EU Agency for Cybersecurity with whom we closely work, reported a substantial increase of cybersecurity threats for both private and public organisations across the EU.
In our own Threat Landscape Report Volume 1, we reported that the number of attacks conducted by Advanced Persistent Threats (APTs) against EUIBAs increased by 60% in 2020 compared to 2019. These attacks have further increased by 30% in 2021, bringing the total number of significant incidents experienced by EUIBAs to 17, up from only 1 in 2018.
So that’s why, on 14 February 2022, we made a joint publication with ENISA to encourage all EU-based organisations to implement a set of cybersecurity best practices in order to boost their cyber resilience.
Then, on March 9, we published a guidance document which contains specific implementation recommendations. By applying these recommendations systematically, organisations would:
1. Improve their cybersecurity posture to fend off a wide range of attacks and limit the number of
cybersecurity incidents.
2. Detect and react to cyber operations that may be carried off by
sophisticated threat actors.
Our guidance covers measures related to cybersecurity posture improvement, prevention and resilience, detection as well as incident response. It also includes an annex with technical and pragmatic hardening recommendations such as periodically invalidating krbtgt credentials, protecting AD FS private keys, and identifying and reviewing non-computer accounts configured with a service principal name. Last but not least, we provide examples of techniques, tactics and procedures used by sophisticated threat actors in another annex.
So get our guidance while supply lasts and please apply it after consulting your national or governmental CSIRT. Indeed, the recommendations it contains may complement but do not replace guidance issued by your national or governmental cybersecurity authority.
If you have any suggestion or comment, don’t hesitate to send us an email at services@cert.europa.eu.