The United States, alongside several of its allies including the UK, is accusing the Russian military of attacking global critical infrastructure units through malicious cyber operations bent on espionage, sabotage, and reputational damage.

The FBI, NSA, and CISA have published a joint advisory assessing the cyber actors affiliated with the Russian GRU 161st Specialist Training Center, otherwise known as Unit 29155. The group has been active since 2020, but began deploying WhisperGate malware against Ukrainian organizations in January 2022.

In addition to leveraging the malware against Ukrainian victims, the group has also conducted network operations against numerous members of NATO in North America and Europe, as well as targets in Latin America and Central Asia. These operations include website defacements, infrastructure scanning, data exfiltration, and data leaking.

According to the advisory, “Unit 29155 cyber actors are known to target critical infrastructure and key resource sectors, including the government services, financial services, transportation systems, energy, and healthcare sectors.”

Though overt attacks on critical infrastructure are concerning, the issue goes further than that.

“While cyberattacks against critical infrastructure are certainly concerning, it is even more concerning to imagine that adversaries could gain access to systems without our knowledge and remain hidden until an issue occurred, and could then be used to take down critical tools, utilities, or communication systems,” said Erich Kron, security awareness advocate at KnowBe4.

Kron cited “vendors providing services to these critical infrastructure partners” as being at high risk for related attacks as well.

Organizations can mitigate these kinds of threats by prioritizing routine system updates and remediating known exploited vulnerabilities; segmenting networks to prevent the spread of malware or malicious activity; and enabling phishing-resistant multifactor authentication, especially for webmail, VPNs, and critical system accounts.
Feds Warn on Russia Targeting Critical Infrastructure