FBI-DHS-CISA Joint Advisory on Russian Foreign Intelligence Service Cyber Operations

The Federal Bureau of Investigation (FBI), Department of Homeland Security, and CISA have released a Joint Cybersecurity Advisory (CSA) addressing Russian Foreign Intelligence Service (SVR) cyber actors—also known as Advanced Persistent Threat 29 (APT 29), the Dukes, CozyBear, and Yttrium—continued targeting of U.S and foreign entities. The SVR activity—which includes the recent SolarWinds Orion supply chain compromise—primarily targets government networks, think tank and policy analysis organizations, and information technology companies and seeks to gather intelligence information.

This CSA complements the CISA, FBI, and National Security Agency (NSA) Joint CSA: Russian SVR Targets U.S. and Allied Networks and provides tactics, tools, techniques, and capabilities to help organizations conduct investigations and secure their networks.

CISA encourages users and administrators to review Joint CSA AA21-116A: Russian Foreign Intelligence Service (SVR) Cyber Operations: Trends and Best Practices for Network Defenders and implement the recommended mitigations. For additional information on SVR-related activity, review the following resources:

Read more at CISA

(Visited 328 times, 1 visits today)

The Government Technology & Services Coalition's Homeland Security Today (HSToday) is the premier news and information resource for the homeland security community, dedicated to elevating the discussions and insights that can support a safe and secure nation. A non-profit magazine and media platform, HSToday provides readers with the whole story, placing facts and comments in context to inform debate and drive realistic solutions to some of the nation’s most vexing security challenges.

Leave a Reply

Latest from Cybersecurity

Go to Top
X