
Thursday, April 28, 2022

US and allies warn of Russian hacking threat to critical infrastructure

Infrastructure counts, keep it safe

By Sergiu Gatlan

Today, Five Eyes cybersecurity authorities warned critical infrastructure network defenders of an increased risk that Russia-backed hacking groups could target organizations within and outside Ukraine's borders.

The warning comes from cybersecurity agencies in the United States, Australia, Canada, New Zealand, and the United Kingdom in a joint cybersecurity advisory with info on Russian state-backed hacking operations and Russian-aligned cybercrime groups.

"Critical infrastructure organizations should maintain a heightened state of alert against Russian cyber threats. Stay vigilant and follow the mitigations from our joint advisory to harden your IT and OT networks now," the NSA warned today.

Recommended actions to protect networks against attacks

The Five Eyes cybersecurity agencies recommend measures critical infrastructure orgs should take to harden their defenses and protect their information technology (IT) and operational technology (OT) networks against Russian state-sponsored and criminal cyber threats, including ransomware, destructive malware, DDoS attacks, and cyber espionage.

Defenders are advised to immediately prioritize patching actively exploited vulnerabilities, enforce multifactor authentication, secure and monitor remote desktop protocol (RDP), and provide end-user awareness and training.

Today's joint advisory builds upon a similar one issued in January (https://www.bleepingcomputer.com/news/security/us-govt-warns-of-russian-hackers-targeting-critical-infrastructure/) by the FBI, CISA, and NSA, exposing Russian hacking groups (including APT29, APT28, and the Sandworm Team) who have targeted organizations from US critical infrastructure sectors.

At the time, the US agencies urged critical infrastructure orgs to prepare for attacks orchestrated by Russian-backed hacking groups and advised US critical infrastructure defenders to focus on detecting malicious activity by enforcing robust log collection/retention to detect potential Russian-linked APT activity. ....
