Security News > 2022 > April > US and allies warn of Russian hacking threat to critical infrastructure
"Given recent intelligence indicating that the Russian government is exploring options for potential cyberattacks against U.S. critical infrastructure, CISA along with our interagency and international partners are putting out this advisory to highlight the demonstrated threat and capability of Russian state-sponsored and Russian aligned cybercrime groups," added CISA Director Jen Easterly.
The Five Eyes cybersecurity agencies recommend measures critical infrastructure orgs should take to harden their defenses and protect their information technology and operational technology networks against Russian state-sponsored and criminal cyber threats, including ransomware, destructive malware, DDoS attacks, and cyber espionage.
Today's joint advisory builds upon a similar one issued in January by the FBI, CISA, and NSA, exposing Russian hacking groups who have targeted organizations from US critical infrastructure sectors.
At the time, the US agencies urged critical infrastructure orgs to prepare for attacks orchestrated by Russian-backed hacking groups and advised US critical infrastructure defenders to focus on detecting malicious activity by enforcing robust log collection/retention to detect potential Russian-linked APT activity.
In a fourth joint advisory published one year ago, the FBI, DHS, and CIA alerted US organizations of continued attacks linked to Russian SVR government hackers against both US and foreign entities.
The US government is also offering a reward of up to $10 million for information on malicious cyber activities conducted by state-backed hacking groups targeting the country's critical infrastructure sectors.