Alert on Russian groups targeting critical infrastructure

The FBI, CISA, National Security Agency and international partners have released the Joint Cybersecurity Advisory “Pro-Russia Hacktivists Conduct Opportunistic Attacks Against US and Global Critical Infrastructure,” providing recommended mitigations to reduce the likelihood and impact of related incidents.

The authoring agencies have observed pro-Russia hacking activity — attributed to the Cyber Army of Russia Reborn (CARR), Z-Pentest, NoName057(16), Sector16 and affiliated groups — capitalizing on the widespread availability of inadequately secured virtual network computing (VNC) connections to infiltrate operational technology (OT) control devices within critical infrastructure systems and conduct cyber operations against organizations worldwide.

The groups’ ongoing opportunistic targeting methodology can lead to broad targeting and indiscriminate compromise of critical infrastructure entities, including those in Water and Wastewater, Food and Agriculture, and the Energy sectors. Further, their observed lack of strategic focus increases the likelihood of targeting of unintended victims, resulting in haphazard attacks with unanticipated damages.

Read more at Joint Cybersecurity Advisory