(TLP:WHITE) Joint Cybersecurity Advisory (AA22-011A) Issued to U.S. Critical Infrastructure for Understanding and Mitigating Russian State-Sponsored Cyber Threats

Akin with public guidance and recommendations shared in mid-December by CISA and the White House regarding protecting against malicious cyber activity before the holidays, federal agencies have jointly released Understanding and Mitigating Russian State-Sponsored Cyber Threats to U.S. Critical Infrastructure (AA22-011A).

CISA, the FBI, and the NSA have released AA22-011A providing an overview of Russian state-sponsored cyber operations. The CSA includes commonly observed tactics, techniques, and procedures and provides detection actions, incident response guidance, and mitigations for protecting against Russian state-sponsored malicious cyber activity and their proxies. This advisory is primarily directed at U.S. critical infrastructure owners and operators and includes specific guidance and recommendations for protecting operational technology (OT)/industrial control systems (ICS) networks against ICS-specific destructive malware.

All water and wastewater utility owners and operators are highly encouraged to review the CSA and address accordingly. Likewise, WaterISAC members are encouraged to access the resources and webinar materials for more information:

• (TLP:AMBER) U.S. EPA-WaterISAC Advisory on Recommendations in Consideration of Russian Cyber Operations
• EPA-WaterISAC Webinar: Cybersecurity Recommendations in Consideration Russian State-Sponsored Cyber Operations Against U.S. Critical Infrastructure

Other relevant resources:

• Protecting Against Malicious Cyber Activity before the Holidays (White House)
• Russia Cyber Threat Overview and Advisories (CISA)
• CISA Insights: Preparing For and Mitigating Potential Cyber Threats (CISA)