TLDR:
US and allied nations have issued a warning about Russian cyber attackers targeting aid to Ukraine. NSA Cybersecurity Director Dave Luber urges organizations to take immediate action to secure data. The advisory highlights the Russian GRU 161st Specialist Training Center’s destructive cyber campaigns and use of WhisperGate malware. The Department of Justice has unveiled charges against members of the Kremlin’s military intelligence service for cyber attacks on Ukraine. The advisory suggests implementing routine system updates, network segmentation, and multifactor authentication to enhance cybersecurity.
Article Summary:
A recent advisory from US government agencies and allied nations highlighted the malicious activities of Russian cyber attackers targeting aid to Ukraine. The advisory specifically named the Russian General Staff Main Intelligence Directorate (GRU) 161st Specialist Training Center (Unit 29155) for conducting destructive cyber campaigns and using WhisperGate malware. NSA Cybersecurity Director Dave Luber emphasized the importance of organizations taking immediate action to secure data against these malicious cyber actors.
The Department of Justice also unveiled charges against members of the Kremlin’s military intelligence service for destructive computer attacks aimed at sowing fear in Ukrainian society. The indictment revealed that Russian hackers targeted agriculture and healthcare records in Ukraine and also conducted attacks on software systems in the US.
While defense companies were not listed as victims in the advisory or the indictment, firms in NATO countries have expressed concerns about cyber threats following Russia’s invasion of Ukraine. Italian defense firm Leonardo has reported a rise in cyber attacks and emphasized the importance of protecting digital systems.
To prevent such cyber attacks, the advisory recommended practices such as prioritizing system updates, network segmentation, and implementing multifactor authentication for external facing accounts. These measures aim to enhance cybersecurity hygiene and mitigate the impact of malicious cyber actors.