NCSC joins US partners to advise on Russian-sponsored cyber threats
Above:
The National Cyber Security Centre (NCSC), Nova South, London.
Image by Simona Flamigni / copyright Shutterstock
The Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI) and National Security Agency (NSA) have published a joint advisory encouraging network defenders of critical infrastructure to remain vigilant against Russian-backed hacking groups.
The advisory provides an overview of Russian state-sponsored cyber operations, including commonly observed tactics, techniques, and procedures (TTPs), detection actions, incident response guidance, and mitigations.
Critical infrastructure organisations are advised to take immediate actions to strengthen their cyber security posture:
- Patch all systems and prioritise patching known exploited vulnerabilities
- Implement multi-factor authentication
- Use antivirus software
The NCSC recommends that organisations follow the advice set out within the advisory, which also lists 13 vulnerabilities known to have been exploited by Russian-backed actors in order to gain access to networks, and warns that actors have also used spear phishing and brute force techniques successfully.