The Infrastructure Security and Cybersecurity Agency, the Federal Bureau of Investigation, and the National Security Agency on Tuesday, Jan. 11, issued a joint statement to critical infrastructure organizations, warning of a cyber threat from apparently Russian state-sponsored hackers, according to the complaint.
In what could translate into a new diplomatic conflict between the United States and Russia, U.S. security agencies sounded the alarm by warning about the alleged risks posed by Russian hackers.
“Historically, Russian state-sponsored advanced persistent threat (APT) actors have used common but effective tactics. They include spearphishing, brute force, and exploiting known vulnerabilities against accounts and networks with weak security—to gain initial access to target networks,” the advisory read.
Officials listed in the advisory a number of known attacks carried out by suspected Russian hacking groups in the past.
Officials from the various federal agencies said that, in some cases, cyber operations against critical infrastructure organizations have “specifically targeted operational technology (OT)/industrial control systems (ICS) networks with destructive malware” and listed, by way of example, several pieces of malware used in such attacks.
Critical organizations that are often targeted by this type of attack are “state, local, tax, regional governments and aviation networks,” the statement warns.
The advisory also recalled that between 2011 and 2018, Russian hackers repeatedly gained remote access to U.S. and international energy sector networks, where they deployed malware and gathered information.
These attacks were not limited to the U.S. For example, between 2015 and 2016, Russian hackers conducted a cyber attack against Ukrainian energy distribution companies, according to officials, which caused those companies to experience unplanned power outages leading to huge losses.
The agencies recommended that critical infrastructure organizations be especially prepared for such attacks. The way to defend themselves is to minimize, as much as possible, failures by the personnel assigned to the technologies used to protect people, assets and information.
The agencies also suggested creating response plans for hypothetical cyber incidents and immediately informing the Infrastructure Security and Cybersecurity Agency.
“These mitigations will help organizations improve their functional resilience by reducing the risk of compromise or severe business degradation,” officials said.
Regardless of this issue, the Biden administration is not in a good diplomatic moment with the Russian government, especially since it decided to position the United States on the side of Ukraine in the border conflict with Russia.
On Friday, Dec. 31, the White House said that President Joe Biden had made it clear to his Russian counterpart Vladimir Putin in his call the day before that he cannot “move forward in Ukraine.” He also announced telephone conversations with Ukrainian President Volodymyr Zelensky to reaffirm his support for “sovereignty and territorial integrity.”
“We made it clear to President Putin that if he makes any more moves, goes into Ukraine, we will have severe sanctions. We will increase our presence in Europe with our NATO allies, and it’ll just be a heavy price to pay for it,” Biden told reporters. He spoke as he was leaving a restaurant in Wilmington, Delaware, where he was spending the New Year holidays with his family.