Russian Government Warns Business Of US Cyber Attack

Uploaded on 2021-02-10 in TECHNOLOGY--Hackers, INTELLIGENCE-Hot Spots-Russia, INTELLIGENCE--USA, GOVERNMENT-National, FREE TO VIEW

The Russian government has issued a cyber security warning to local organisations they say are at risk of US reprisals for the latest SolarWinds assaults. 

The warning comes from the National Coordination Center for Computer Incidents (NKTsKI), an agency created in 2018 by KGB successor the Federal Security Service (FSB). It said that the US government had threatened to carry out retaliatory attacks on Russian critical infrastructure following the large-scale cyber espionage campaign which the Kremlin has waged on US government and other organisations in the past year.

The fifteen-point advisory issued by NKTsKI recommends updating incident response plans, correctly configuring security tools, training users on how to spot phishing, avoiding third-party DNS servers and using multi-factor authentication. Also,application controls, firewalls, updated passwords, email security and prompt patching.

The US accused  Russia for the SolarWinds attacks, after it emerged that Kremlin-sponsored operatives had performed a major spying operation on government departments including the Department of Justice, the State Department and the TreasuryThe White House Press Secretary has said the US reserves the right to “respond at a time and manner of our choosing to any cyber-attack.” 

President Biden now has the delicate task of seeking cooperation with Russia over arms treaties but a way to punish the Kremlin for this cyber-attack and other pressing issues.

Reports suggest he has given the intelligence community the task of investigating four key areas:

  • The SolarWinds attack.
  • Possible interference in the 2020 election.
  • Efforts to muzzle Russian opposition leader Alexei Navalny.
  • A bounty program to pay Taliban fighters in Afghanistan for killing US troops.

The earliest awareness of the attack on the US was from the experts at the FireEye cybersecurity firm which found itself under attack from hackers it thought were working for Russia. Their investigation revealed that the same hackers were able to monitor internal email traffic at the US Treasury and Commerce departments and other departments. 

The hackers are thought to have used hacks that got into software updates released by the  SolarWinds IT company, which serves government customers across the executive branch, the military, and the intelligence services.

Reuters:         New York Times:      TheOpenSecurity:    Safe-Surf:       Infosecurity Magazine:

You Might Also Read:

More Critical Problems With SolarWinds:

 

« Data Privacy & You
How To Create Effective Cyber Security Training For Employees »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

aizoOn Technology Consulting

aizoOn Technology Consulting

aizoOn is a technology consulting company offering a range of services including IoT & embedded security, mobile security, cybersecurity assessments, risk & compliance, network monitoring and more.

ACIS Professional Center

ACIS Professional Center

ACIS provides training and consulting services in the area of information technology, cybersecurity, IT Governance, IT Service management, information security and business continuity management.

Help Net Security

Help Net Security

Help Net Security has been a prime resource for information security news and insight since 1998.

Proofpoint

Proofpoint

Proofpoint provide the most effective cybersecurity and compliance solutions to protect people on every channel including email, the web, the cloud, social media and mobile messaging.

Ambersail

Ambersail

Ambersail provide Penetration Testing and Cyber Security Compliance services.

Cast Software

Cast Software

CAST is a pioneer in Software Analysis and Measurement (SAM) to capture and quantify the reliability and security of business applications.

Detack

Detack

Detack is an independent supplier of IT security auditing and consulting services.

Utility Cyber Security Forum

Utility Cyber Security Forum

The Utility Cyber Security Forum offers a focused venue in which utility executives can network one-on-one with colleagues facing issues in protecting against cyber attacks.

Ampliphae

Ampliphae

Ampliphae gives you an easy-to-deploy, sophisticated and affordable cloud-discovery, security and compliance platform.

Huntington Ingalls Industries (HII)

Huntington Ingalls Industries (HII)

Huntington Ingalls Industries is America’s largest military shipbuilding company and a provider of professional services to partners in government and industry.

Luxembourg House of Financial Technology (LHoFT)

Luxembourg House of Financial Technology (LHoFT)

Offering start-up incubation, co-working spaces including a soft-landing platform, the LHoFT connects and creates value for the entire Luxembourg FinTech ecosystem.

GoTo

GoTo

At GoTo we help people and businesses to connect and collaborate simply and securely – from anywhere. We’re the trusted partner for companies of all sizes.

CyberMaxx

CyberMaxx

At CyberMaxx, our approach to cybersecurity provides end-to-end coverage for our customers – we use offense to fuel defense.

eGyanamTech (EGT)

eGyanamTech (EGT)

eGyanamTech provides robust security solutions tailored for Operational Technology (OT) and Supervisory Control and Data Acquisition (SCADA) systems used in critical infrastructure systems.

Fivecast

Fivecast

Fivecast is enabling a safer world. We help organizations around the world explore masses of data to uncover actionable insights.

Vana Solutions

Vana Solutions

Vana Solutions is an Information Technology Services company. We help commercial & federal organizations select, adapt, and integrate the right technology solution so you can move faster.