UK and US Issue Joint Advisory on Russian Cyber Threat to Global Networks
Share this:

By Smartencyclopedia with Agencies

London, October 25, 2024 — Cybersecurity agencies in the UK and US have issued a critical advisory today, warning organizations worldwide of a “global threat” posed by Russian cyber actors linked to the country’s Foreign Intelligence Service (SVR). The advisory, released by the UK’s National Cyber Security Centre (NCSC) and US agencies, outlines a sweeping campaign by the SVR to exploit vulnerabilities in internet-facing systems across various sectors.

The advisory reveals that SVR-linked groups, particularly Advanced Persistent Threat group APT29, are using well-known vulnerabilities to infiltrate targets. Victims fall into two main categories: “targets of intent” and “targets of opportunity.” Targets of intent include governments, think tanks, technology companies, and financial institutions, while targets of opportunity are typically identified through mass scans for unpatched vulnerabilities. According to the advisory, APT29 has been exploiting over 20 public vulnerabilities on a global scale, aiming to gather intelligence and gain sustained access to compromised systems.

In addition to these direct targets, SVR actors pose a supply chain risk by attempting to “pivot” from compromised accounts into networks connected to their primary targets. This tactic follows in the wake of high-profile SVR-attributed attacks, such as the SolarWinds breach and cyber campaigns against organizations involved in COVID-19 vaccine development.

Paul Chichester, NCSC Director of Operations, emphasized the need for proactive cybersecurity: “Russian cyber actors are highly capable of accessing unpatched systems across a range of sectors. Once they’re in, they can exploit this access to meet their objectives. All organizations are encouraged to bolster their cyber defenses and prioritize deploying patches and software updates.”

Organizations are advised to immediately apply security patches and update software, as failing to do so could leave their systems vulnerable to Russian cyber intrusion. The joint advisory also emphasizes that UK organizations potentially affected by these attacks should report any incidents to the NCSC.

The publication of this advisory represents the latest move in a coordinated effort by the UK and US to combat cyber threats, especially as SVR-linked actors adapt to shifts towards cloud-based infrastructure. This advisory follows a string of alerts since the Russia-Ukraine conflict, with cybersecurity agencies urging organizations worldwide to protect against sophisticated foreign intrusions.

The joint statement was also backed by the FBI and NSA, reflecting the widespread reach and ongoing threat of SVR activities across multiple sectors.

Share this:
Comments
All comments.
Comments