Joint Cybersecurity Advisory – Russian State-Sponsored and Criminal Cyber Threats to Critical Infrastructure

The cybersecurity authorities of the U.S., Australia, Canada, New Zealand, and the United Kingdom have released a joint Cybersecurity Advisory (CSA) (AA22-110A) to warn organizations of the potential for increased Russian malicious cyber activity as a response to the unprecedented economic costs imposed on Russia as well as the materiel support provided by the U.S. and its allies and partners. Members are encouraged to review the advisory and immediately take action to protect against and mitigate this activity.

Evolving intelligence indicates the Russian government is exploring options for potential cyber operations including distributed denial-of-service (DDoS) attacks and deployment of destructive malware against critical infrastructure organizations.

Immediate mitigation actions include:

• Prioritize patching known exploited vulnerabilities.
• Enforce multifactor authentication.
• Secure and monitor Remote Desktop Protocol.
• Provide end-user awareness and training.