Three federal agencies and a number of international partners issued a joint advisory on Wednesday regarding Russian cyber threats targeting critical infrastructure that could affect “organizations inside and outside Ukraine.”
The Cybersecurity and Infrastructure Security Agency (CISA) said in a statement Wednesday that the advisory is “the most comprehensive view of the cyber threat posed by Russia to critical infrastructure issued by government cyber experts since the ‘invasion of Ukraine in February’.
The advisory includes information on “malicious cyber operations” perpetrated by actors associated with the Russian Federal Security Service (FSB), the Russian Foreign Intelligence Service (SVR), the Main Intelligence Directorate of the Russian General Staff (GRU) and the Russian Defense Ministry, Central Scientific Institute of Chemistry and Mechanics, according to CISA.
The agency said the advisory also includes information about cyberthreat and cybercrime groups associated with Russia, some of which have recently expressed support for the Russian government.
Additionally, CISA said that some of the cybercrime groups mentioned in the advisory “threatened to conduct cyber operations in retaliation for perceived cyberoffensives against Russia or against countries or organizations providing material support to Ukraine.” .
Federal agencies and international partners recommend that organizations take a number of immediate steps to protect their networks, including focusing on addressing known exploited vulnerabilities, enforcing multiple authentications, monitoring remote desktop protocols and organizing end-user awareness training.
CISA, the FBI and the National Security Agency signed the notice, in addition to the Australian Center for Cyber Security, the Canadian Center for Cyber Security, the New Zealand National Cyber Security Center and the National Cyber Security Center from the United Kingdom.
CISA Director Jen Easterly said the advisory “reinforces the demonstrated threat and capability of Russian state-sponsored, Russian-aligned cybercriminal groups to our homeland.”
“We know that malicious cyber activity is part of the Russian playbook. We also know that the Russian government is exploring options for potential cyberattacks against US critical infrastructure,” she added.
Wednesday’s notice comes in the seventh week of Russia’s invasion of Ukraine, which began on February 24. that target US critical infrastructure.
“To be clear, there is no certainty that there will be a cyber incident on critical infrastructure,” White House Deputy National Security Adviser for Cyber and Emerging Technologies Anne Anne told reporters. Neuberger, during a press briefing.
“Then why am I here?” Because this is a call to action and a call to accountability for all of us,” she added.