The Cyber Security News


US gov issues fresh warning over Russian threat to critical infrastructure

January 12, 2022

Cyber security experts at the US government have warned critical infrastructure network defenders to “adopt a heightened state of awareness” against Russian state-sponsored cyber attacks.

The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and the National Security Agency (NSA) issued a joint advisory on Tuesday giving an overview of the commonly used tactics and techniques employed by Russian state-backed threat actors so the security community can take a more proactive stance on threat hunting.

The trio of federal agencies said these Russian hackers commonly exploit flaws in popular enterprise products, listing known issues in products such as Cisco routers (CVE-2019-1653), Oracle WebLogic (CVE-2020-14882), Citrix (CVE-2019-19781), Pulse Secure (CVE-2019-11510), Microsoft Exchange (CVE-2020-0688), and more.

“Russian state-sponsored APT actors have also demonstrated complex tradecraft and cyber capabilities by compromising third-party infrastructure, compromising third-party software, or developing and deploying custom malware,” the joint advisory reads. “The actors have also demonstrated the ability to maintain persistent, undetected, long-term access in compromised environments – including cloud environments – by using legitimate credentials.

“In some cases, Russian state-sponsored cyber operations against critical infrastructure organisations have specifically targeted operational technology (OT)/industrial control systems (ICS) networks with destructive malware.”

Organisations are advised to apply a range of mitigations to ensure functional resilience and reduce the risk of compromise. These include measures such as confirming reporting processes, minimising personnel gaps in security coverage, following industry best practices for identity and access management, and proactively monitoring threat feeds for patches.

Because Russian threat actors have a history of lingering in networks undetected for long periods of time, the FBI, NSA, and CISA recommend that all critical infrastructure organisations also implement robust log collection and retention, to support incident investigations, and proactively look for behavioural anomalies such as password spray attempts and use of compromised credentials.
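As an added illustration of that kind of log hunting (not code from the advisory or from this article), the sketch below flags a source that fails logins against many distinct accounts with only a few guesses each, and notes any success from that source afterwards. The log format, thresholds, account names and documentation-range addresses are all constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

WINDOW = timedelta(minutes=10)  # assumed tuning values, adjust to your baseline
MIN_ACCOUNTS = 5                # distinct accounts failing from one source
MAX_TRIES = 2                   # a spray makes few guesses per account

# Constructed sample in an assumed format: timestamp source account outcome
SAMPLE_LOG = """\
2022-01-11T08:00:01Z 203.0.113.7 alice FAIL
2022-01-11T08:00:40Z 203.0.113.7 bob FAIL
2022-01-11T08:01:15Z 203.0.113.7 carol FAIL
2022-01-11T08:01:52Z 203.0.113.7 dave FAIL
2022-01-11T08:02:30Z 203.0.113.7 erin FAIL
2022-01-11T08:20:00Z 203.0.113.7 carol OK
2022-01-11T09:00:00Z 198.51.100.20 alice FAIL
2022-01-11T09:00:20Z 198.51.100.20 alice FAIL
2022-01-11T09:00:45Z 198.51.100.20 alice FAIL
2022-01-11T09:01:10Z 198.51.100.20 alice OK
"""

def parse(log):
    events = []
    for line in log.strip().splitlines():
        ts, src, user, outcome = line.split()
        events.append((datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ"), src, user, outcome))
    return sorted(events)

def find_sprays(events):
    """Map each spraying source to the accounts tried and any success after the spray began."""
    by_src = defaultdict(list)
    for ev in events:
        by_src[ev[1]].append(ev)
    findings = {}
    for src, evs in by_src.items():
        fails = [e for e in evs if e[3] == "FAIL"]
        for i, first in enumerate(fails):
            tries = defaultdict(int)
            for when, _, user, _ in fails[i:]:
                if when - first[0] > WINDOW:
                    break
                tries[user] += 1
            sprayed = sorted(u for u, n in tries.items() if n <= MAX_TRIES)
            if len(sprayed) >= MIN_ACCOUNTS:
                wins = sorted({e[2] for e in evs if e[3] == "OK" and e[0] >= first[0]})
                findings[src] = {"accounts": sprayed, "later_success": wins}
                break
    return findings

print(find_sprays(parse(SAMPLE_LOG)))
```

The second source, which retries a single account, is not flagged: repeated guesses against one account look like an ordinary lockout pattern, not a spray.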

The trio of agencies also highlighted a number of incidents in recent history where Russian state-sponsored hackers have been known to attack local governments and critical infrastructure.

From September 2020 to “at least” December 2020, Russian attackers targeted “dozens” of state, local, tribal, and territorial governments, as well as aviation networks, succeeding in extracting data from multiple victims.

They also pointed to Russia’s intrusion campaign in the US energy sector between 2011 and 2018, deploying malware specifically crafted for critical infrastructure environments and stealing data related to the industry.

“When the FBI, CISA and NSA team up to issue a joint alert about Russian state-sponsored APTs, every security team on the planet needs to sit up and take notice,” said Dr Süleyman Özarslan, co-founder of Picus Security, to IT Pro. “This alert highlights the seriousness and prevalence of ongoing malicious cyber operations by Russian state-sponsored APT actors. It should also be of great assistance to the cybersecurity community in reducing the risk posed by these threats.”

The advisory comes as US officials join Russia’s representatives in Geneva to discuss Russia’s potential invasion of Ukraine, a country which was also on the receiving end of Russian hackers targeting critical infrastructure between 2015 and 2016, the advisory noted.

So here’s how I read this: “State and NSC are in Geneva right now trying to keep the Russians out of Ukraine, but in case that doesn’t work, you might want to prepare for badness and here’s how Russian cyber operators do business…” https://t.co/pE7QwG4vMO

— Chris Krebs (@C_C_Krebs) January 11, 2022

Cyber security expert and former CISA director Chris Krebs suggested the timing of the advisory’s publication could be interpreted as a warning to US organisations to prepare for the Geneva talks to go south, which they reportedly are after 8 hours of discussions.


Some parts of this article are sourced from:
www.itpro.co.uk
