Ukraine & Russia Cyber Update

Source: CISA Insight

The Cybersecurity and Infrastructure Security Agency (CISA) has consolidated its available advisory information on the Ukraine and Russia crisis, providing technical guidance on the TTPs associated with Russian threat actors and continuing to urge organizations to maintain increased cybersecurity awareness. The advisory covers vulnerabilities that Russian APT groups have commonly exploited, including those in Oracle WebLogic, Exchange, Cisco, VMware and Citrix. Attacks target all critical infrastructure groups and have "specifically targeted operational technology (OT)/industrial control systems (ICS) networks." TTPs based on the MITRE ATT&CK framework are provided in advisory AA22-011A.

CISA and the FBI have also issued a joint advisory identifying the U.S. Cleared Defense Contractors (CDCs) being targeted by state-sponsored Russian threat actors to acquire sensitive information. The attacks against CDCs have been observed since January 2020 and have resulted in the compromise of US intelligence: "This theft has granted the actors significant insight into U.S. weapons platforms development and deployment timelines, plans for communications infrastructure, and specific technologies employed by the U.S. government and military."

