Mitigating Russian state-sponsored cyber threats to US critical infrastructure
In a new Cybersecurity Advisory (CSA), the Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), and National Security Agency (NSA) are asking cybersecurity community — especially critical infrastructure network defenders — to adopt a heightened state of awareness, conduct proactive threat hunting, and implement the mitigations to mitigate Russian-state sponsored threat actors.
The CSA provides an overview of Russian state-sponsored cyber operations; commonly observed tactics, techniques, and procedures (TTPs); detection actions; incident response guidance; and mitigations. The overview is intended to help the cybersecurity community reduce the risk presented by these threats.