Security News > 2021 > May > Russian state hackers switch targets after US joint advisories

Russian Foreign Intelligence Service operators have switched their attacks to target new vulnerabilities in reaction to US govt advisories published last month with info on SVR tactics, tools, techniques, and capabilities used in ongoing attacks.
In a third advisory issued on April 26, the FBI, DHS, and CIA warned of continued attacks coordinated by the Russian SVR against the US and foreign organizations.
Russian SVR's response to US and UK advisories.
Today, in a new NCSC(UK)-CISA-FBI-NSA joint security advisory [PDF], network defenders are warned to patch systems as promptly as possible to match the speed with which Russian SVR state hackers already changed targets following the April advisories.
"The SVR targets organizations that align with Russian foreign intelligence interests, including governmental, think-tank, policy and energy targets, as well as more time-bound targeting, for example, COVID-19 vaccine targeting in 2020," the joint advisory reads.
CISA also published today a summary of mitigation strategies [PDF] shared in the joint advisories issued during the last month to help secure networks against Russian SVR attacks.
News URL
Related news
- Spain arrests suspected hacker of US and Spanish military agencies (source)
- Suspected NATO, UN, US Army hacker arrested in Spain (source)
- Hacker pleads guilty to SIM swap attack on US SEC X account (source)
- Russian military hackers deploy malicious Windows activators in Ukraine (source)
- Microsoft: Russian-Linked Hackers Using 'Device Code Phishing' to Hijack Accounts (source)
- Chinese hackers breach more US telecoms via unpatched Cisco routers (source)
- Chinese hackers use custom malware to spy on US telecom networks (source)
- US charges Chinese hackers linked to critical infrastructure breaches (source)
- Ex-NSA boss: Election security focus helped dissuade increase in Russian meddling with US (source)
- Russian Hackers Exploit CVE-2025-26633 via MSC EvilTwin to Deploy SilentPrism and DarkWisp (source)