The cyber agency has teamed up with foreign counterparts to support the provision of new advice to thwart Russian state-sponsored cyber actors.
The National Cyber Security Centre has partnered with the Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), and National Security Agency (NSA) to develop advice on countering Russian state-sponsored cyber threats targeting critical infrastructure.
The cooperative has published a joint advisory encouraging network defenders of critical infrastructure to remain vigilant against Russian-backed hacking groups.
Recommendations include reviews of Russian state-sponsored cyber operations, commonly observed tactics, techniques and procedures (TTPs), detection actions, incident response guidance, and mitigations.
Critical infrastructure organisations have been urged to:
- patch all systems and prioritise patching known exploited vulnerabilities;
- implement multi-factor authentication; and
- use antivirus software.
The advisory lists 13 vulnerabilities known to have been exploited by Russian-backed actors in order to gain access to networks.
Organisations are also warned about the growing use of spear-phishing and brute force techniques.