"Five Eyes Agencies Issue Detailed Russian Cyber-Threat Warning"

Cybersecurity agencies in the US, UK, Australia, Canada, and New Zealand have issued another warning to organizations beyond Ukraine's borders that pro-Russian hackers may soon target them.  The so-called "Five Eyes" intelligence group published its most detailed threat assessment yesterday, including information on Kremlin-backed units and cybercrime groups that have pledged to support Russia.  The Russian state groups named in the report are the Russian Federal Security Service (FSB), Russian Foreign Intelligence Service (SVR), Russian General Staff Main Intelligence Directorate (GRU), Russian Ministry of Defense, and the Central Scientific Institute of Chemistry and Mechanics (TsNIIKhM).  The researchers claim that the cybercrime groups that could threaten Western countries' critical infrastructure (CNI) include data leak extortionists the CoomingProject, DDoS-ers Killnet, Emotet operators Mummy, and Sality botnet developer Salty Spider.  Also included on the list are malware-as-a-service group Scully Spider, Smoke Loader bot developer Smokey Spider, TrickBot and Conti group Wizard Spider, and The XakNet Team.  The report contains multiple useful resources, a lengthy list of mitigations, and technical details on each group, including common tactics, techniques and procedures (TTPs).  National Cyber Security Centre (NCSC) CEO Lindy Cameron stated that it is vital that all organizations accelerate plans to raise their overall cyber-resilience, particularly those defending CNI. 

 

Infosecurity reports: "Five Eyes Agencies Issue Detailed Russian Cyber-Threat Warning"

Submitted by Anonymous on