In a move demonstrative of international cooperation and partnership, the Five Eyes (United States, Australia, Canada, New Zealand, and United Kingdom) issued an alert giving a “comprehensive overview of Russian state-sponsored and cybercriminal threats to critical infrastructure.” The alert also includes remediation guidance, which CISOs will find of particular import.
Alert AA22-110A – Russian State-Sponsored and Criminal Cyber Threats to Critical Infrastructure, provides details on the cyber operations attributable to Russian state actors, including the Russian Federal Security Service (FSB), Russian Foreign Intelligence Service (SVR), Russian General Staff Main Intelligence Directorate (GRU), and Russian Ministry of Defense, Central Scientific Institute of Chemistry and Mechanics (TsNIIKhM). It also identifies cybercriminal organizations, including some which have expressed fealty to the Russian Federation, that have pledged to conduct cyber operations against entities that are providing support to Ukraine. Thus, your company’s position on Russia’s invasion of Ukraine very well may place your company in the target sights of Russian state actors or their cybercriminal cronies.