FBI, NSA and CISA Warns of Russian Hackers Targeting Critical Infrastructure
Amid renewed tensions between the U.S. and Russia over Ukraine and Kazakhstan, American cybersecurity and intelligence agencies on Tuesday released a joint advisory on how to detect, respond to, and mitigate cyberattacks orchestrated by Russian state-sponsored actors.
To that end, the Cybersecurity and Infrastructure Security Agency, Federal Bureau of Investigation, and National Security Agency have laid bare the tactics, techniques, and procedures adopted by the adversaries, including spear-phishing, brute-force, and exploiting known vulnerabilities to gain initial access to target networks.
The agencies described the flaws exploited by Russian hacking groups to gain an initial foothold as "common but effective."
"Russian state-sponsored APT actors have also demonstrated sophisticated tradecraft and cyber capabilities by compromising third-party infrastructure, compromising third-party software, or developing and deploying custom malware," the agencies said.
Russian APT groups have been historically observed setting their sights on operational technology and industrial control systems with the goal of deploying destructive malware, chief among them being the intrusion campaigns against Ukraine and the U.S. energy sector as well as attacks exploiting trojanized SolarWinds Orion updates to breach the networks of U.S. government agencies.
To increase cyber resilience against this threat, the agencies recommend mandating multi-factor authentication for all users, looking out for signs of abnormal activity implying lateral movement, enforcing network segmentation, and keeping operating systems, applications, and firmware up to date.
News URL
https://thehackernews.com/2022/01/fbi-nsa-and-cisa-warns-of-russian.html