In a joint technical alert issued today, the Department of Homeland Security, Federal Bureau of Investigation and the United Kingdom’s National Cyber Security Centre warned of malicious Russian cyber activity targeting government and private-sector entities, critical infrastructure owners and operators and the internet service providers supporting these sectors.
Recent Russian cyber attacks have targeted network infrastructure devices, such as routers, switches and firewalls, in an attempt to use compromised systems to “support espionage, extract intellectual property, maintain persistent access to victim networks, and potentially lay a foundation for future offensive operations,” the agencies said.
The alert provided information that these entities can use to help determine whether their systems have been compromised, and recommended steps organizations can consider taking to reduce their exposure to this threat. In the event malicious cyber activity is suspected, organizations are encouraged to notify the National Cybersecurity and Communications Integration Center or their local FBI field office.