Russian Government Warns Business Of US Cyber Attack

Uploaded on 2021-02-10 in TECHNOLOGY--Hackers, INTELLIGENCE-Hot Spots-Russia, INTELLIGENCE--USA, GOVERNMENT-National, FREE TO VIEW

The Russian government has issued a cyber security warning to local organisations they say are at risk of US reprisals for the latest SolarWinds assaults. 

The warning comes from the National Coordination Center for Computer Incidents (NKTsKI), an agency created in 2018 by KGB successor the Federal Security Service (FSB). It said that the US government had threatened to carry out retaliatory attacks on Russian critical infrastructure following the large-scale cyber espionage campaign which the Kremlin has waged on US government and other organisations in the past year.

The fifteen-point advisory issued by NKTsKI recommends updating incident response plans, correctly configuring security tools, training users on how to spot phishing, avoiding third-party DNS servers and using multi-factor authentication. Also,application controls, firewalls, updated passwords, email security and prompt patching.

The US accused  Russia for the SolarWinds attacks, after it emerged that Kremlin-sponsored operatives had performed a major spying operation on government departments including the Department of Justice, the State Department and the TreasuryThe White House Press Secretary has said the US reserves the right to “respond at a time and manner of our choosing to any cyber-attack.” 

President Biden now has the delicate task of seeking cooperation with Russia over arms treaties but a way to punish the Kremlin for this cyber-attack and other pressing issues.

Reports suggest he has given the intelligence community the task of investigating four key areas:

  • The SolarWinds attack.
  • Possible interference in the 2020 election.
  • Efforts to muzzle Russian opposition leader Alexei Navalny.
  • A bounty program to pay Taliban fighters in Afghanistan for killing US troops.

The earliest awareness of the attack on the US was from the experts at the FireEye cybersecurity firm which found itself under attack from hackers it thought were working for Russia. Their investigation revealed that the same hackers were able to monitor internal email traffic at the US Treasury and Commerce departments and other departments. 

The hackers are thought to have used hacks that got into software updates released by the  SolarWinds IT company, which serves government customers across the executive branch, the military, and the intelligence services.

Reuters:         New York Times:      TheOpenSecurity:    Safe-Surf:       Infosecurity Magazine:

You Might Also Read:

More Critical Problems With SolarWinds:

 

« Data Privacy & You
How To Create Effective Cyber Security Training For Employees »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Protective Intelligence

Protective Intelligence

Protective Intelligence brings together a group of information security specialists with a passion for delivering high-quality solutions.

Janusnet

Janusnet

Janusnet develops software and solutions for organisations to enforce and manage data security.

enSilo

enSilo

enSilo secures customers data on premise or in the cloud. Regardless of the where the threat comes from, enSilo can protect your data.

ZM CIRT

ZM CIRT

ZM CIRT is the national Computer Incident Response Team for Zambia.

Cybraics

Cybraics

Cybraics nLighten platform implements a unique and sophisticated artificial intelligence engine that rapidly learns your environment and alerts security teams to threats and vulnerabilities.

Nok Nok Labs

Nok Nok Labs

Nok Nok is a market leader in next generation authentication for cloud, mobile and IoT applications.

Idaho National Laboratory (INL)

Idaho National Laboratory (INL)

INL is an applied engineering laboratory dedicated to supporting the US Dept of Energy's missions in energy research, nuclear science and national defense including critical infrastructure protection.

ThreatSpike Labs

ThreatSpike Labs

ThreatSpike Labs provides the first end-to-end fully managed security service for companies of all sizes.

Redwall Technologies

Redwall Technologies

Redwall provides cybersecurity expertise and technology to prevent and respond to emerging threats against mobile applications and connected infrastructures.

Zemana

Zemana

Zemana provides innovative cyber-security solutions to deal with complex malicious software and other cyber threats.

Feroot Security

Feroot Security

Feroot Security secures client-side web applications so that businesses can deliver a flawless user experience to their customers. Our products help organizations protect their client-side surface.

Vertek

Vertek

Vertek is a leading provider of operations consulting, end-to-end business process outsourcing, business intelligence, software applications and managed cybersecurity solutions.

InnovateHer

InnovateHer

At InnovateHer, our vision is to make the tech sector more equitable, by increasing diversity across the spectrum and creating more inclusive workplaces.

Bestman Solutions

Bestman Solutions

As a specialist cyber security practice, we believe that people are an organisation’s most valuable asset. Success depends on hiring the right people, and this is where we come in.

Servadus

Servadus

Servadus help organizations with their cybersecurity and compliance programs through management and sustainability, consulting, and assessing.

Exaforce

Exaforce

At Exaforce, we are on a mission to 10× improve the productivity and efficacy of security and operations teams using our transformative multi-model AI engine.