Joint Cybersecurity Advisory: Russian State-Sponsored and Criminal Cyber Threats to Critical Infrastructure   [open pdf - 795KB]

From the Document: "The cybersecurity authorities of the United States, Australia, Canada, New Zealand, and the United Kingdom are releasing this joint Cybersecurity Advisory (CSA). The intent of this joint CSA is to warn organizations that Russia's invasion of Ukraine could expose organizations both within and beyond the region to increased malicious cyber activity [hyperlink]. This activity may occur as a response to the unprecedented economic costs imposed on Russia as well as materiel support provided by the United States and U.S. allies and partners. Evolving intelligence indicates that the Russian government is exploring options for potential cyberattacks[...]. Recent Russian state-sponsored cyber operations have included distributed denial-of-service (DDoS) attacks [hyperlink], and older operations have included deployment of destructive malware against Ukrainian government and critical infrastructure organizations [hyperlink]. Additionally, some cybercrime groups have recently publicly pledged support for the Russian government. These Russian-aligned cybercrime groups have threatened to conduct cyber operations in retaliation for perceived cyber offensives against the Russian government or the Russian people. Some groups have also threatened to conduct cyber operations against countries and organizations providing materiel support to Ukraine. Other cybercrime groups have recently conducted disruptive attacks against Ukrainian websites, likely in support of the Russian military offensive. This advisory updates joint CSA Understanding and Mitigating Russian State-Sponsored Cyber Threats to U.S. Critical Infrastructure [hyperlink], which provides an overview of Russian state-sponsored cyber operations and commonly observed tactics, techniques, and procedures (TTPs). This CSA [...] provides an overview of Russian state-sponsored advanced persistent threat (APT) groups, Russian-aligned cyber threat groups, and Russian-aligned cybercrime groups to help the cybersecurity community protect against possible cyber threats."

Report Number:
Joint Cybersecurity Advisory AA22-110A
Public Domain
Retrieved From:
Cybersecurity and Infrastructure Security Agency: https://www.cisa.gov/
Media Type:
Help with citations