Critical infrastructure across Australia could be the target of heightened threats posed by Russian state-sponsored cyber actors, according to a new multinational advisory.
To continue reading the rest of this article, please log in.
Create free account to get unlimited news articles and more!
A new joint advisory has been issued by key cyber security agencies across Australia, Canada, New Zealand, the United Kingdom, and the United States, flagging new risks to critical infrastructure posed by Russian state-sponsored cyber actors.
The advisory was co-issued by the:
- Cybersecurity and Infrastructure Security Agency (CISA);
- the Federal Bureau of Investigation (FBI);
- National Security Agency (NSA);
- Australian Cyber Security Centre (ACSC);
- Canadian Centre for Cyber Security (CCCS);
- National Cyber Security Centre New Zealand (NZ NCSC);
- the United Kingdom’s National Cyber Security Centre (NCSC-UK); and
- National Crime Agency (NCA).
Supported by industry members of the Joint Cyber Defense Collaborative, the advisory provides technical details on malicious cyber operations by actors from:
- the Russian Federal Security Service (FSB);
- Russian Foreign Intelligence Service (SVR);
- Russian General Staff Main Intelligence Directorate (GRU); and
- Russian Ministry of Defense, Central Scientific Institute of Chemistry and Mechanics (TsNIIKhM).
According to the alert, some of these cyber crime groups have recently threatened to conduct cyber operations in retaliation for perceived cyber offensives against Russia or against countries supporting the Ukrainian resistance.
A number of recommendations have been issued to stakeholders at risk of cyber attack, which include:
- prioritising patching of known exploited vulnerabilities;
- enforcing multifactor authentication;
- monitoring remote desktop protocol (RDP); and
- providing end-user awareness and training.
“We know that malicious cyber activity is part of the Russian playbook. We also know that the Russian government is exploring options for potential cyber attacks against US critical infrastructure,” CISA director Jen Easterly said.
“[This] cyber security advisory released jointly by CISA and our inter-agency and international partners reinforces the demonstrated threat and capability of Russian state-sponsored and Russian aligned cyber criminal groups to our homeland.”
Abigail Bradshaw, head of the Australian Cyber Security Centre urged Australian organisations to shore-up their cyber defences.
“Recent intelligence and historic instances of destructive cyber attacks indicate now is the time for organisations to improve their cyber security posture,” she said.
“In particular, critical infrastructure organisations should act now to raise defences, not wait until being attacked.
“The ACSC stands ready to support its critical infrastructure partners in responding to the threats we face – by raising their awareness of the threat, sharing indicators of compromise, and providing technical mitigation advice.”
The joint advisory has also encouraged all organisations to share information about incidents and unusual cyber activity with their respective cyber security authorities.
[Related: Government-led cyber threat protection initiatives backed by cyber security professionals]