TLDR:
US and allies accuse Russian military of launching cyber-attacks targeting critical infrastructure for espionage and sabotage purposes. Unit 29155, a cyber group affiliated with the Russian military, is responsible for deploying destructive malware, targeting NATO members, and expanding its cyber operations. The agencies provide recommendations for protecting against Unit 29155 attacks.
In a joint advisory, the US, UK, and seven other governments have accused the Russian military of launching cyber-attacks targeting critical infrastructure for espionage and sabotage purposes. The cyber activities of Unit 29155, associated with the Russian military, have been highlighted, with the group believed to be responsible for deploying destructive malware against Ukraine government and critical sector organizations. Unit 29155 has also targeted NATO members and other nations in Europe, Latin America, and Central Asia, focusing on critical infrastructure sectors.
The agencies provided recommendations for protecting against Unit 29155 attacks, including prioritizing patching, conducting regular vulnerability scans, limiting exploitable services on internet-facing assets, and utilizing government cybersecurity services. Additionally, the US Court charged six Russians for cyber-attacks on Ukraine as part of Unit 29155, offering a reward for information on the defendants.