Russia Cyber Threat Overview and Advisories

This page provides an overview of the Cybersecurity and Infrastructure Security Agency’s (CISA's) assessment of the Russian government’s malicious cyber activities. The overview leverages publicly available, open-source intelligence and information regarding this threat. This page also includes a complete list of related CISA publications, many of which are jointly authored with other U.S. government agencies (Note: unless specifically stated, neither CISA nor the U.S. Government attributed specific activity described in the referenced sources to Russian government actors). Additionally, this page provides instructions on how to report related threat activity.

The Russian government engages in malicious cyber activities to enable broad-scope cyber espionage, to suppress certain social and political activity, to steal intellectual property, and to harm regional and international adversaries.[1] Recent Advisories published by CISA and other unclassified sources reveal that Russian state-sponsored threat actors are targeting the following industries and organizations in the United States and other Western nations: COVID-19 research, governments, election organizations, healthcare and pharmaceutical, defense, energy, video gaming, nuclear, commercial facilities, water, aviation, and critical manufacturing. The same reporting associated Russian actors with a range of high-profile malicious cyber activity, including the 2020 compromise of the SolarWinds software supply chain, the 2020 targeting of U.S. companies developing COVID-19 vaccines, the 2018 targeting of U.S. industrial control system infrastructure, the 2017 NotPetya ransomware attack on organizations worldwide, and the 2016 leaks of documents stolen from the U.S. Democratic National Committee.

According to the U.S. Office of the Director of National Intelligence 2021 Annual Threat Assessment, "Russia continues to target critical infrastructure, including underwater cables and industrial control systems, in the United States and in allied and partner countries, as compromising such infrastructure improves—and in some cases can demonstrate—its ability to damage infrastructure during a crisis." The Assessment states that "Russia almost certainly considers cyber attacks an acceptable option to deter adversaries, control escalation, and prosecute conflicts."[2]

Latest U.S. Government Report on Russian Malicious Cyber Activity

On May 09, 2023, CISA and partners released a joint advisory on a sophisticated cyber espionage tool used by Russian cyber actors. Hunting Russian Intelligence “Snake” Malware provides technical descriptions of the malware’s host architecture and network communications, and mitigations to help detect and defend against this threat.

CISA urges organizations to review the advisory for more information and apply the recommended mitigations and detection guidance. For more information on FSB and Russian state-sponsored cyber activity, please see the joint advisory Russian State-Sponsored and Criminal Cyber Threats to Critical Infrastructure.

The Russian Malicious Cyber Activity section below lists all CISA Advisories, Alerts, and Malware Analysis Reports (MARs) on Russian malicious cyber activities. 

Russian Malicious Cyber Activity

Much of the information contained in the Advisories, Alerts, and MARs listed below is the result of analytic efforts between CISA, the U.S. Department of Defense (DoD), and the Federal Bureau of Investigation (FBI) to provide technical details on the tools and infrastructure used by Russian state-sponsored cyber actors. The publications below include descriptions of Russian malicious cyber activity, technical details, and recommended mitigations. Users and administrators should flag activity associated with the information in the products listed in table 1 below, report the activity to CISA or FBI Cyber Watch (CyWatch), and give the activity the highest priority for enhanced mitigation.