Accurate, Focused Research on Law, Technology and Knowledge Discovery Since 2002

Federal Agencies Detail Russian Tactics Used in Recent Cyber Intrusions

NextGov – “The FBI, Homeland Security Department and Cybersecurity and Infrastructure Security Agency issued an alert on Russian government cyber tradecraft and mitigation techniques for targets. After publicly naming the Russian Foreign Intelligence Service, or SVR, as the culprit behind the SolarWinds hack that affected at least nine federal agencies, a set of U.S. security agencies released an alert outing the hackers’ techniques and describing best practices for defending against them. In an alert issued Monday, the FBI, Homeland Security Department and Cybersecurity and Infrastructure Security Agency, or CISA, released technical details on Russian hacking groups that “continue to seek intelligence from U.S. and foreign entities through cyber exploitation, using a range of initial exploitation techniques that vary in sophistication, coupled with stealthy intrusion tradecraft within compromised networks.” While the group targets a variety of institutions with valuable national security information, government agencies are at the top of that list. The cadre of hackers associated with the Russian government represents an advanced persistent threat, or APT, which has gone by many names: APT 29, the Dukes, CozyBear and Yttrium, among others. The new alert notes “SVR cyber operators are capable adversaries..”
