Key U.S. government agencies in the cybersecurity space on Tuesday issued a joint advisory urging the nation’s critical infrastructure entities to boost their alert levels for potential Russian activity against their computer networks.
The Cybersecurity Advisory (CSA) issued by the Cybersecurity and Infrastructure Security Agency (CISA), FBI and National Security Agency (NSA), comes amid concerns of a potential Russian invasion of Ukraine and as a consequence non-military actions by the U.S. and its NATO partners to punish Russia in turn. The advisory doesn’t mention a specific threat or action that led to release of the new alert.
“CISA, the FBI, and NSA encourage the cybersecurity community, especially critical infrastructure network defenders, to adopt a heightened state of awareness and conduct proactive threat hunting, and implement the mitigations identified in the joint CSA,” the advisory says.
The CSA points out that Russian state-sponsored cyber threat actors have targeted critical infrastructure entities in the U.S. and internationally including the defense industrial base, healthcare, energy, telecommunications and government facilities sectors. The advisory lists several actions these entities should take to strengthen their cyber postures such as exercising incident response plans, follow best practices for identity and access management, and vulnerability and configuration management, and increase organizational vigilance.
The advisory also lists a number of technical vulnerabilities that have been exploited by Russian state-sponsored actors. In addition, these actors have also compromised third-party software, developed custom malware, and have targeted operational technologies, it says.