Federal cyber officials are alerting critical infrastructure operators of the potential for Russian state-sponsored Russian cyberattacks on their systems.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), and National Security Agency (NSA), issued Tuesday a joint cybersecurity advisory (CSA) detailing Russian cyber activities, outlining the threat, offering guidance for preparation, and encouraging vigilance.
The advisory outlines precautions critical infrastructure organizations should take now to counter this threat including patching all systems, implementing multi-factor authentication, utilize antivirus software, and develop internal contact lists. The advisory also points to the cyber actors’ history of targeting state, local, tribal, and territorial governments.
Click here for details of the threat including a full outline of CISA’s recommended procedures.
“CISA, the FBI, and NSA encourage the cybersecurity community—especially critical infrastructure network defenders—to adopt a heightened state of awareness, conduct proactive threat hunting, and implement the mitigations identified in the joint CSA,” the agencies said in a statement announcing its concerns on Tuesday. “CISA recommends network defenders review CISA's Russia Cyber Threat Overview and Advisories page for more information on Russian state-sponsored malicious cyber activity. CISA recommends critical infrastructure leaders review CISA Insights: Preparing For and Mitigating Potential Cyber Threats for steps to proactively strengthen their organization’s operational resiliency against sophisticated threat actors, including nation-states and their proxies.”
For more information on general cybersecurity best practices, CISA offers on its website resources to aid state, local, territorial, and tribal governments on identify, protect, detect, and respond to threats.