Members of the Five Eyes Alliance warned of possible cyber attacks from Russia on critical infrastructure

The Cyber ​​Security Agencies of the five members of the Alliance “Five Eyes”, Australia, Canada, New Zealand, Great Britain and the United States, announced joint advisory warning that the Russian government is considering options for cyber attacks on critical infrastructure.

Behind this warning are the US Cyber ​​Security and Infrastructure Security Agency, the FBI, the US National Security Agency (NSA), the Australian Cyber ​​Security Center, the Canadian Cyber ​​Security Center, the National Cyber ​​Security Center of New Zealand, and the British National Cyber ​​Security Center. and the National Crime Agency.

“Russia’s invasion of Ukraine could expose organizations inside and outside the region to increased malicious cyber activity. “This activity could happen in response to the unprecedented economic costs imposed on Russia, as well as the material support provided by the United States and its American allies and partners,” the warning reads.

Prior to this, the US government independently issued another warning about hackers behind states that use malicious software to maintain access to industrial control systems (ICS) and surveillance and data collection devices (SCADA).

Over the past two months, Ukraine has been hit by lightning-fast hacker attacks DDoS attacks do attacks with destructive malware to government and infrastructure entities.

The Five Eyes coalition warns that Russian-sponsored hackers can compromise IT networks, secure long-term online presence, steal sensitive data, and sabotage industrial control systems.

The warning reminds that some criminal groups recently publicly promised their support to the Russian government in the light of its invasion of Ukraine. These groups threatened cyber attacks against countries and organizations that provide material support to Ukraine.

Among the groups that have joined the Russian government are The CoomingProject, Killnet, Mummy Spider, Salty Spider, Scully Spider, Smokey Spider, Wizard Spider and Xaknet Team. Cyber ​​criminals from ransomware Conti groups (Wizard Spider) have even publicly promised support for the Russian government.

Since the beginning of the invasion of Ukraine, the cyber security agencies of the countries of the Five Eyes coalition have discovered malicious cyber operations against IT networks backed by various Russian state entities. These include Russia’s Federal Security Service (FSB), including FSB Center 16 and Center 18, Russia’s Foreign Intelligence Service, Russia’s Central Intelligence Agency, the GRU’s Special Center for Special Technologies, Russia’s Defense Ministry and the Central Scientific Institute of Chemistry and Mechanics.

The Five Eyes Cyber ​​Security Services has called on those in charge of protecting critical infrastructure networks to prepare for potential cyber threats, including destructive malware, ransomware, DDoS attacks and cyber espionage, by strengthening their cyber defenses and stepping up efforts to identify malicious activity indicators.

The precautions recommended by the agencies include, in the first instance, software updates, including operating systems, applications and firmware, the application of multi-factor authentication and strong passwords, providing end-user awareness training and protecting and monitoring RDP (remote desktop protocol) as one of the most common initial vectors of ransomware infection.

Prior to this warning, US President Joe Biden called on local organizations to step up their efforts in cyber defense because, according to him, Russia is considering carrying out a cyber attack in retaliation for the sanctions imposed on the country due to its invasion of Ukraine.

“It’s part of Russia’s game plan,” Biden said at the time. “My administration reiterates these intelligence-based warnings that the Russian government is exploring options for potential cyber attacks.”



Source: Informacija.rs by www.informacija.rs.

*The article has been translated based on the content of Informacija.rs by www.informacija.rs. If there is any problem regarding the content, copyright, please leave a report below the article. We will try to process as quickly as possible to protect the rights of the author. Thank you very much!

*We just want readers to access information more quickly and easily with other multilingual content, instead of information only available in a certain language.

*We always respect the copyright of the content of the author and always include the original link of the source article.If the author disagrees, just leave the report below the article, the article will be edited or deleted at the request of the author. Thanks very much! Best regards!