The National Security Agency, FBI, Cybersecurity and Infrastructure Security Agency and international allies have issued a joint advisory on a group of Russian military cyberthreat actors targeting critical infrastructure in the U.S. and abroad as part of efforts to conduct espionage, reputational harm and sabotage.
NSA said Thursday the cyber actors linked to the Russian GRU Unit 29155 are responsible for deploying the WhisperGate malware against victim organizations in Ukraine as early as January 2022 and have performed malicious computer network operations against several NATO member countries.
According to the advisory, the malicious actors’ activities include data exfiltration, infrastructure scanning, data leak operations and website defacements.
Since early 2022, the threat actors have been focused on disrupting efforts to deliver aid to Ukraine.
The advisory includes recommendations to mitigate malicious cyber activities, such as prioritizing routine system updates and remediating known exploited vulnerabilities, segmenting networks and enabling phishing-resistant multifactor authentication for all externally facing account services.
Register here to attend the Potomac Officers Club’s 2024 Intel Summit on Sept. 19 and hear top U.S. intelligence community officials and industry executives discuss the challenges, opportunities and innovation shaping the future of American intelligence.