You are here

Joint Cybersecurity Advisory – Update on SVR Cyber Operations and Vulnerability Exploitation

Joint Cybersecurity Advisory – Update on SVR Cyber Operations and Vulnerability Exploitation

Created: Tuesday, October 15, 2024 - 14:10
Categories:
Cybersecurity, Federal & State Resources, Security Preparedness

Last week, the NSA, FBI, and other federal and international partners issued a joint Cybersecurity Advisory (CSA) “Update on SVR Cyber Operations and Vulnerability Exploitation”. The joint CSA warns of ongoing Russian Federation Foreign Intelligence Service (SVR) cyber threats, highlighting how SVR actors are currently exploiting a set of software vulnerabilities and have intentions to exploit additional vulnerabilities. A detailed list of publicly disclosed common vulnerabilities and exposures (CVEs) are included along with a list of mitigations to improve cybersecurity posture based on SVR cyber actors’ operations.

The CSA includes a range of tactics, techniques, and procedures used by SVR cyber actors, including but not limited to:

  • Spearphishing
  • Password spraying
  • Abuse of supply chain and trusted relationships
  • Custom and bespoke malware
  • Cloud exploitation
  • Living off the land techniques

As nation-state actors continue to target water and wastewater utilities, WaterISAC recommends members review the joint CSA with the list of CVEs and mitigations to help improve their cybersecurity posture. Access the full joint CSA here.

Previous WaterISAC Analysis and Coverage of Russia-linked Cyber Actors: