State-sponsored hackers from Russia continue to prevail in the cyberthreat landscape. Government authorities and organizations globally are warning about frequent cyberespionage campaigns from Russian actors. Recently, the U.S. Cybersecurity and Infrastructure Security Agency (CISA), FBI, and National Security Agency (NSA) released a joint advisory on detecting, responding, and mitigating security threats from Russian state-sponsored actors. The advisory provides an overview of Russian hackers’ cyber operations, including their commonly used tactics, techniques, and procedures (TTPs).
“CISA, the FBI, and NSA encourage the cybersecurity community—especially critical infrastructure network defenders—to adopt a heightened state of awareness, conduct proactive threat hunting, and implement the mitigations identified in the advisory,” the advisory said.
The federal agencies stated that Russian state-sponsored advanced persistent threat (APT) actors leveraged various attacking vectors like spearphishing, brute force, and exploiting known vulnerabilities to break into targeted network systems.
Vulnerabilities known to be exploited by Russian state-sponsored APT actors for initial access include:
Russian actors reportedly targeted a variety of U.S. and international critical infrastructure organizations in the Defense, Health Care, Public Health, Energy, Telecommunications, and Government Facilities Sectors.
Also Read: Russia Blocks Tor Web Over Privacy Concerns
The advisory stated that organizations detecting potential APT activity in their network systems should:
CISA, the FBI, and NSA recommended organizations implement the below security measures to increase their cyber resilience against rising threats:
The post Federal Agencies Release Advisory On Mitigating Security Threats From Russian APT Actors appeared first on CISO MAG | Cyber Security Magazine.
Click to Open Code Editor