Russian Government Warns Business Of US Cyber Attack

Uploaded on 2021-02-10 in TECHNOLOGY--Hackers, INTELLIGENCE-Hot Spots-Russia, INTELLIGENCE--USA, GOVERNMENT-National, FREE TO VIEW

The Russian government has issued a cyber security warning to local organisations they say are at risk of US reprisals for the latest SolarWinds assaults. 

The warning comes from the National Coordination Center for Computer Incidents (NKTsKI), an agency created in 2018 by KGB successor the Federal Security Service (FSB). It said that the US government had threatened to carry out retaliatory attacks on Russian critical infrastructure following the large-scale cyber espionage campaign which the Kremlin has waged on US government and other organisations in the past year.

The fifteen-point advisory issued by NKTsKI recommends updating incident response plans, correctly configuring security tools, training users on how to spot phishing, avoiding third-party DNS servers and using multi-factor authentication. Also,application controls, firewalls, updated passwords, email security and prompt patching.

The US accused  Russia for the SolarWinds attacks, after it emerged that Kremlin-sponsored operatives had performed a major spying operation on government departments including the Department of Justice, the State Department and the TreasuryThe White House Press Secretary has said the US reserves the right to “respond at a time and manner of our choosing to any cyber-attack.” 

President Biden now has the delicate task of seeking cooperation with Russia over arms treaties but a way to punish the Kremlin for this cyber-attack and other pressing issues.

Reports suggest he has given the intelligence community the task of investigating four key areas:

  • The SolarWinds attack.
  • Possible interference in the 2020 election.
  • Efforts to muzzle Russian opposition leader Alexei Navalny.
  • A bounty program to pay Taliban fighters in Afghanistan for killing US troops.

The earliest awareness of the attack on the US was from the experts at the FireEye cybersecurity firm which found itself under attack from hackers it thought were working for Russia. Their investigation revealed that the same hackers were able to monitor internal email traffic at the US Treasury and Commerce departments and other departments. 

The hackers are thought to have used hacks that got into software updates released by the  SolarWinds IT company, which serves government customers across the executive branch, the military, and the intelligence services.

Reuters:         New York Times:      TheOpenSecurity:    Safe-Surf:       Infosecurity Magazine:

You Might Also Read:

More Critical Problems With SolarWinds:

 

« Data Privacy & You
How To Create Effective Cyber Security Training For Employees »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Securosis

Securosis

Securosis is an information security research and advisory firm dedicated to improving the practice of information security.

Encode

Encode

Encode delivers a cutting edge Security Analytics & Response Orchestration platform and best of breed Cyber Security Operations and Services.

Intercede

Intercede

Intercede is a cybersecurity company specializing in digital identities, derived credentials and access control, enabling digital trust in a mobile world.

Site24x7

Site24x7

Site24x7 is an AI-powered observability platform for DevOps and IT operations.

Aves Netsec

Aves Netsec

Aves is a deceptive security system for enterprises who want to capture, observe and mitigate bad actors in their internal network.

InPhySec

InPhySec

InPhySec is a leading New Zealand information, physical and cyber security company.

Ogasec

Ogasec

Ogasec is a cybersecurity company formed by the merger between Aker and N-Stalker in 2017. Solutions include Security & Connectivity Networking, Application Security, and Managed Security Services.

Cog Systems

Cog Systems

Cog Systems offer an embedded solution built on modularity, proactive security, trustworthiness, and adaptability to enable highly secure connected devices.

Rigado

Rigado

Rigado's mission is to enable commercial IoT success by providing high-performance secure and scalable wireless edge connectivity and network infrastructure.

Datacentrix

Datacentrix

Datacentrix provides end-to-end cybersecurity services for the operational technology (OT) and IT environments to monitor, assess and defend our customers' information assets.

Institute for Security and Technology (IST)

Institute for Security and Technology (IST)

The Institute for Security and Technology's goal is to provide the tools and insights needed for companies and governments to outpace emerging global security threats.

Reflectiz

Reflectiz

Reflectiz empowers digital businesses to make all web applications safer by non-intrusively mitigating any website risks without a single line of code.

Pakistan Telecommunication Company Limited (PTCL)

Pakistan Telecommunication Company Limited (PTCL)

Pakistan Telecommunication Company Limited (PTCL) is the largest integrated Information Communication Technology (ICT) company of Pakistan.

Boecore

Boecore

Boecore is an aerospace and defense engineering company that specializes in software solutions, systems engineering, cybersecurity, enterprise networks, and mission operations.

Fortress SRM

Fortress SRM

Fortress SRM protects companies from the financial, operational, and emotional trauma of cybercrime by improving the security performance of its people, processes, and technology.

Cyber Guru

Cyber Guru

Cyber Guru is an effective cybersecurity awareness training platform, enabling organisations to increase their resistance to cyber-attacks by changing employee behaviour.