The National Security Agency announced that U.S. and U.K. authorities have released a new joint cybersecurity guidance recommending measures for network defenders to address ongoing cyber threats from the Russian Federation Foreign Intelligence Service, or SVR.
The joint advisory listed the common vulnerabilities and exposures that SVR is exploiting through various malicious tactics, such as spearphishing, password spraying, malware deployment, cloud exploitation and living off the land, or LOTL, attacks, the NSA said Thursday.
The new eight-page joint cybersecurity advisory, titled “Update on SVR Cyber Operations and Vulnerability Exploitation,” is co-authored by the NSA, the FBI, the U.S. Cyber Command’s Cyber National Mission Force and the U.K.’s National Cyber Security Centre, or NCSC.
To reduce the potential SVR attack surface, the advisory suggests disabling unnecessary internet-accessible services, restricting access to trusted networks and removal of unused applications in workstations.
Other advisory suggestions include multi-factor user authentication and regular audits of cloud-based accounts and applications
Additional mitigation measures on Russian exploitation of cloud environments are contained in another joint cybersecurity advisory issued in February. The earlier guidance was spearheaded by the U.K.’s NCSC and supported by international partners including U.S., Canadian, Australian and New Zealand security agencies.