FYSA
CISA released (TLP:AMBER) Understanding and Mitigating Russian State-Sponsored
Cyber Threats to U.S. Critical Infrastructure (attached), a joint Cybersecurity
Advisory (CSA) authored by CISA, the FBI, and NSA. This CSA provides an
overview of previously released Russian state-sponsored cyber operations;
commonly observed TTP; detection actions; incident response guidance; and
mitigations. CISA, the FBI, and NSA encourage the cybersecurity
community—especially critical infrastructure network defenders—to adopt a
heightened state of awareness and leverage this product to help conduct
proactive threat hunting.
We would also like to draw your attention to the (TLP:WHITE) CISA Insights
product released yesterday that likewise speaks to adopting a heightened state
of awareness. CISA Insights: Preparing For and Mitigating Potential Cyber
Threats<https://urldefense.us/v3/__https:/urldefense.com/v3/__https:/www.cisa.gov/publication/preparing-and-mitigating-potential-cyber-threats__;!!JNdenfMLDA!LTtKr0q8Dp40WRHjqUD31mEYzwA55NRBCmv7Oc7-3n-kTkr-Uxkqi326U0V3jjHz$__;!!BClRuOV5cvtbuNI!So78IAEC4dw8mpbUZCrGPiqIveL0jStqmXAmB4P67W0OdcrQ1EYrOpW6OkL0g-rL-M14Pfo$>
was released to provide critical infrastructure leaders with steps to
proactively strengthen their organization’s operational resiliency against
sophisticated threat actors, including nation-states and their proxies.
CISA Recommendations:
* adopt a heightened state of awareness and leverage this CSA to help
conduct proactive threat hunting
* review CISA Insights: Preparing For and Mitigating Potential Cyber
Threats<https://urldefense.us/v3/__https:/urldefense.com/v3/__https:/www.cisa.gov/publication/preparing-and-mitigating-potential-cyber-threats__;!!JNdenfMLDA!LTtKr0q8Dp40WRHjqUD31mEYzwA55NRBCmv7Oc7-3n-kTkr-Uxkqi326U0V3jjHz$__;!!BClRuOV5cvtbuNI!So78IAEC4dw8mpbUZCrGPiqIveL0jStqmXAmB4P67W0OdcrQ1EYrOpW6OkL0g-rL-M14Pfo$>
We kindly request any incidents related to this product be reported to CISA at
https://us-cert.cisa.gov/report, ;
Central@xxxxxxxxxxxx<mailto:Central@xxxxxxxxxxxx>, or 888-282-0870.
Theresa A. Masse
Cyber Security Advisor, Region 10 (Oregon)
Cybersecurity and Infrastructure Security Agency
Department of Homeland Security
Phone: (503) 930-5671
Email: theresa.masse@xxxxxxxxxxxx<mailto:theresa.masse@xxxxxxxxxxxx>
[cid:image007.png@01D7F313.CEEF5AC0]