NCSC joins US partners to promote understanding and mitigation of Russian state-sponsored cyber threats

13 Jan 2022 11:54 AM

The NCSC supports CISA, FBI, and NSA advice in understanding and countering Russian cyber threats.

An image illustrating a warning sign on a laptop screen.

The National Cyber Security Centre – a part of GCHQ – has added its support to new advice from international partners on countering Russian state-sponsored cyber threats targeting critical infrastructure.

The Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), and National Security Agency (NSA) have published a joint advisory encouraging network defenders of critical infrastructure to remain vigilant against Russian-backed hacking groups.

The advisory provides an overview of Russian state-sponsored cyber operations, including commonly observed tactics, techniques, and procedures (TTPs), detection actions, incident response guidance, and mitigations.

Critical infrastructure organisations are advised to take immediate actions to strengthen their cyber security posture:

The NCSC recommends that organisations follow the advice set out within the advisory, which also lists 13 vulnerabilities known to have been exploited by Russian-backed actors in order to gain access to networks, and warns that actors have also used spear phishing and brute force techniques successfully.