Security News > 2022 > April > US and allies warn of Russian hacking threat to critical infrastructure
"Given recent intelligence indicating that the Russian government is exploring options for potential cyberattacks against U.S. critical infrastructure, CISA along with our interagency and international partners are putting out this advisory to highlight the demonstrated threat and capability of Russian state-sponsored and Russian aligned cybercrime groups," added CISA Director Jen Easterly.
The Five Eyes cybersecurity agencies recommends measures critical infrastructure orgs should take to harden their defenses and protect their information technology and operational technology networks against Russian state-sponsored and criminal cyber threats, including ransomware, destructive malware, DDoS attacks, and cyber espionage.
Today's joint advisory builds upon a similar one issued in January by the FBI, CISA, and NSA, exposing Russian hacking groups who have targeted organizations from US critical infrastructure sectors.
At the time, the US agencies urged critical infrastructure orgs to prepare for attacks orchestrated by Russian-backed hacking groups and advised US critical infrastructure defenders to focus on detecting malicious activity by enforcing robust log collection/retention to detect potential Russian-linked APT activity.
In a fourth joint advisory published one year ago, the FBI, DHS, and CIA alerted US organizations of continued attacks linked to Russian SVR government hackers against both US and foreign entities.
The US government is also offering a reward of up to $10 million for information on malicious cyber activities conducted by state-backed hacking groups targeting the country's critical infrastructure sectors.
News URL
Related news
- Russian military hackers linked to critical infrastructure attacks (source)
- Chinese hacking groups target Russian government, IT firms (source)
- SOCI Act 2024: Thales Report Reveals Critical Infrastructure Breaches in Australia (source)
- Food security: Accelerating national protections around critical infrastructure (source)
- SANS Institute Unveils Critical Infrastructure Strategy Guide for 2024: A Call to Action for Securing ICS/OT Environments (source)
- US cracks down on Russian disinformation before 2024 election (source)
- 80% of Critical National Infrastructure Companies Experienced an Email Security Breach in Last Year (source)
- Despite Russia warnings, Western critical infrastructure remains unprepared (source)
- US proposes ban on Chinese, Russian connected car tech over security fears (source)
- US sanctions crypto exchanges used by Russian ransomware gangs (source)