The Cybersecurity and Infrastructure Security Agency, the Department of Energy and the FBI have jointly issued an advisory on state-sponsored Russian cyber threats that targetted the energy sector from 2011 to 2018.
Russian cyber actors used the Havex malware in attempts to breach the global energy sector and the TRITON malware to compromise an energy sector organization in the Middle East, CISA said Thursday.
The U.S. government advises organizations to separate information technology networks from industrial control systems, implement multifactor authentication and manage the activity of accounts with special privileges.
The advisory also recommends the implementation of secure password policies, network traffic filtering and system audits.
“In light of the indictments announced today and evolving intelligence that the Russian government is exploring options to conduct potential cyberattacks against the U.S., CISA, along with our FBI and DOE partners, is issuing this joint advisory to reinforce the demonstrated threat posed by Russian state-sponsored cyber actors,” said Jen Easterly, director of CISA and a 2022 Wash100 Award winner.
