The Cybersecurity and Infrastructure Security Agency, along with authorities from the U.K., Australia, Canada and New Zealand, issued a new advisory on malicious Russian state-sponsored cyber activity.
Three things to know:
- Russian state-sponsored hackers have compromised IT networks, created mechanisms to maintain long-term access to IT networks, exfiltrated data from IT and operational technology networks and disrupted industrial control systems by deploying malware, according to the advisory, issued April 20.
- Hackers from the following Russian government and military organizations have conducted malicious operations against IT and OT networks: the Russian Federal Security Service, the Russian Foreign Intelligence Service, the Russian General Staff Main Intelligence Directorate, the 85th Main Special Service Center, the GRU’s Main Center for Special Technologies, the Russian Ministry of Defense and the Central Scientific Institute of Chemistry and Mechanics.
- The advisory recommended organizations protect themselves by patching their systems' known exploited vulnerabilities, enforcing multifactor authentication, securing and monitoring remote desktop protocol and other risky services, and providing awareness and training.