Adrian Johnson
TLDR:
- A recent NSA report has attributed U.S. cyber attacks since 2020 to Russian military hackers.
- The hackers are affiliated with the Russian Unit 29155 and have targeted critical infrastructure globally.
Summary:
According to a recent security advisory by the NSA, FBI, and CISA, Russian military hackers affiliated with Unit 29155 have been responsible for cyber attacks on critical infrastructure in the United States and globally since 2020. The group, known for carrying out sabotage and influence operations in Europe, expanded to include offensive cyber operations targeted at NATO members, including the U.S. The attacks, primarily focused on disrupting aid provisions in the Ukraine war, have included propaganda, website defacement, data exfiltration, and data leaks. The hackers utilize publicly available penetration testing tools and common red team hacking techniques, making attribution challenging. To mitigate the threat posed by Unit 29155, the NSA and FBI recommend limiting adversary use of vulnerabilities, conducting regular vulnerability scans, limiting exploitable services on internet-facing assets, and disabling unnecessary applications and network protocols.
