Russian Government Warns Business Of US Cyber Attack

Uploaded on 2021-02-10 in TECHNOLOGY--Hackers, INTELLIGENCE-Hot Spots-Russia, INTELLIGENCE--USA, GOVERNMENT-National, FREE TO VIEW

The Russian government has issued a cyber security warning to local organisations they say are at risk of US reprisals for the latest SolarWinds assaults. 

The warning comes from the National Coordination Center for Computer Incidents (NKTsKI), an agency created in 2018 by KGB successor the Federal Security Service (FSB). It said that the US government had threatened to carry out retaliatory attacks on Russian critical infrastructure following the large-scale cyber espionage campaign which the Kremlin has waged on US government and other organisations in the past year.

The fifteen-point advisory issued by NKTsKI recommends updating incident response plans, correctly configuring security tools, training users on how to spot phishing, avoiding third-party DNS servers and using multi-factor authentication. Also,application controls, firewalls, updated passwords, email security and prompt patching.

The US accused  Russia for the SolarWinds attacks, after it emerged that Kremlin-sponsored operatives had performed a major spying operation on government departments including the Department of Justice, the State Department and the TreasuryThe White House Press Secretary has said the US reserves the right to “respond at a time and manner of our choosing to any cyber-attack.” 

President Biden now has the delicate task of seeking cooperation with Russia over arms treaties but a way to punish the Kremlin for this cyber-attack and other pressing issues.

Reports suggest he has given the intelligence community the task of investigating four key areas:

  • The SolarWinds attack.
  • Possible interference in the 2020 election.
  • Efforts to muzzle Russian opposition leader Alexei Navalny.
  • A bounty program to pay Taliban fighters in Afghanistan for killing US troops.

The earliest awareness of the attack on the US was from the experts at the FireEye cybersecurity firm which found itself under attack from hackers it thought were working for Russia. Their investigation revealed that the same hackers were able to monitor internal email traffic at the US Treasury and Commerce departments and other departments. 

The hackers are thought to have used hacks that got into software updates released by the  SolarWinds IT company, which serves government customers across the executive branch, the military, and the intelligence services.

Reuters:         New York Times:      TheOpenSecurity:    Safe-Surf:       Infosecurity Magazine:

You Might Also Read:

More Critical Problems With SolarWinds:

 

« Data Privacy & You
How To Create Effective Cyber Security Training For Employees »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Tanium

Tanium

Tanium is an endpoint security and systems management company.

AON

AON

Aon is a leading global provider of risk management (including cyber), insurance and reinsurance brokerage, human resources solutions and outsourcing services.

SysTools

SysTools

SysTools provides a range of services including data recovery, digital forensics, and cloud backup solutions.

SteelCloud

SteelCloud

SteelCloud has spent the last decade inventing technology to automate policy compliance, configuration control, and Cloud security.

Keynetic Technologies

Keynetic Technologies

Keynetic focuses on developing cybersecurity solutions for Industry 4.0.

Cyber NYC

Cyber NYC

Cyber NYC is a suite of strategic investments to grow New York City’s cybersecurity workforce, help companies drive innovation, and build networks and community spaces.

Randstad

Randstad

Randstad provide outsourcing, staffing, consulting and workforce solutions in the USA across a wide range of job sectors including IT and cybersecurity.

Salvador Technologies

Salvador Technologies

Salvador Technologies provides the world’s fastest technology to recover from cyber-attacks.

ITTAS

ITTAS

ITTAS is a multidisciplinary company specializing in information security and software and hardware protection software.

Patriot Consulting Technology Group

Patriot Consulting Technology Group

Patriot Consulting's mission is to help our clients manage cybersecurity risk through secure deployments of Microsoft 365.

Anonos

Anonos

Anonos is a global software company that provides the only technology capable of protecting data in use with 100% accuracy, even in untrusted environments.

NSW IT Support

NSW IT Support

NSW IT Support: Your exclusive hub for comprehensive Business IT services in Sydney. Our skilled team ensures seamless technology solutions nationwide, consistently delivering top-tier IT support.

Heyhack

Heyhack

Heyhack is a SOC 2 Type II certified automated penetration testing platform for web apps and APIs.

Hartman Executive Advisors

Hartman Executive Advisors

Hartman Executive Advisors is an unbiased IT and cyber advisory firm uniquely designed to help mid-market executives maximize their IT investments.

Neeve

Neeve

Neeve is an edge cloud platform transforming smart buildings and spaces, making them more secure, smarter, and more sustainable.

Securitybricks

Securitybricks

Securitybricks specialize in cloud security and compliance. Our mission is to automate regulatory compliance backed by human validation.