Russian Cyber Attacks on Critical Infrastructure: Five Eyes Countries


In the midst of Russia's ongoing military assault on Ukraine, the Five Eyes nations have issued a joint cybersecurity advisory warning of an increase in malicious attacks from Russian state-sponsored actors and criminal groups targeting critical infrastructure organizations.

It has been reported that the Russian government is looking into ways to launch a cyberattack on one of these countries, or on the United States, Canada, or New Zealand.

"This could lead to an increase in malicious cyber activity for organizations both in and outside of the region, following Russia's invasion. This could be a response to Russia's unprecedented economic costs and the material support provided by the United States and its allies and partners."

A previous U.S. government alert warned of nation-state actors using specialized malware on industrial control systems (ICS) and supervisory control and data acquisition (SCADA) devices to keep them in the loop.

From distributed denial-of-service (DDoS) attacks to destructive malware deployments against government and infrastructure entities, Ukraine has been subjected to a flurry of targeted campaign activity over the past two months.

According to an alert issued on Wednesday, Russian state-sponsored cyber actors are capable of compromising IT networks, maintaining long-term persistence, stealing sensitive data while remaining undetected, and disrupting and sabotaging industrial control systems without being detected.

Conti (aka Wizard Spider), a cybercriminal group that has publicly stated its support for the Russian government, is also in the mix. The CoomingProject, Killnet, Mummy Spider (the operators of Emotet), Salty Spider, Scully Spider, Smoky Spider, and the XakNet Team are other Russian-aligned cybercrime syndicates.

In a statement shared with The Hacker News, Chris Grove, director of cybersecurity strategy at Nozomi Networks, said, "The message should be loud and clear: Russian nexus-state actors are on the prowl; cyberspace has become a messy, hot war-zone; everyone should be prepared for an attack from any direction."

Ransomware attacks on food and agriculture businesses are on the rise during the planting and harvesting seasons, according to the Federal Bureau of Investigation (FBI).

Cyberattackers might see cooperatives as lucrative targets because of their time-sensitive role in agricultural production, according to the agency. There were a number of known but unpatched common vulnerabilities and exploits, along with secondary infections from exploiting shared network resources or compromising managed services.

In a separate move, the U.S. Treasury Department has sanctioned Russian cryptocurrency mining company Bitriver for helping the country evade sanctions. This is the first time a virtual coin mining company has been placed on an economic blocklist. Russia is the third-largest country in the world for bitcoin mining.

"These companies help Russia profit from its natural resources by operating vast server farms that sell virtual currency mining capacity to customers around the world," the Treasury said. "Because they rely on imported computer equipment and fiat payments, mining companies are vulnerable to sanctions."

