Joint Cybersecurity Advisory – Update on SVR Cyber Operations and Vulnerability Exploitation
Created: Tuesday, October 15, 2024 - 14:10
Categories: Cybersecurity, Federal & State Resources, Security Preparedness
Last week, the NSA, FBI, and other federal and international partners issued a joint Cybersecurity Advisory (CSA) “Update on SVR Cyber Operations and Vulnerability Exploitation”. The joint CSA warns of ongoing Russian Federation Foreign Intelligence Service (SVR) cyber threats, highlighting how SVR actors are currently exploiting a set of software vulnerabilities and have intentions to exploit additional vulnerabilities. A detailed list of publicly disclosed common vulnerabilities and exposures (CVEs) are included along with a list of mitigations to improve cybersecurity posture based on SVR cyber actors’ operations.
The CSA includes a range of tactics, techniques, and procedures used by SVR cyber actors, including but not limited to:
- Spearphishing
- Password spraying
- Abuse of supply chain and trusted relationships
- Custom and bespoke malware
- Cloud exploitation
- Living off the land techniques
As nation-state actors continue to target water and wastewater utilities, WaterISAC recommends members review the joint CSA with the list of CVEs and mitigations to help improve their cybersecurity posture. Access the full joint CSA here.
Previous WaterISAC Analysis and Coverage of Russia-linked Cyber Actors:
- CISA Alert – Threat Actors Continue to Exploit OT/ICS through Unsophisticated Means | September, 2024
- (TLP:AMBER) Threat Advisory – Russian-linked Threat Actors Targeting Water Utilities | September, 2024
- ODNI Graphic – Recent Cyber Attacks on U.S. Infrastructure Underscore Vulnerability of Critical Systems | July, 2024
- Cyber Resilience – Why Modern Hacktivism Matters to Water and Wastewater Utilities | July, 2024
- Situational Awareness – U.S. Issues Sanctions Against CARR Attackers who Breached U.S. Water Utilities | July, 2024
- Partner Reports | Cyber – July 18, 2024 | July, 2024
- WaterISAC Notification – EPA Issues Enforcement Alert to Drinking Water Systems to Address Cybersecurity Vulnerabilities | May, 2024
- Incident Awareness – What APT Threat Group SANDWORM Might have to do with Recent Incidents at Water Utilities and How you can Protect your Utility | April, 2024
- Partner Threat Assessments – March 2024 | April, 2024