CISA Advisory

Russian State-Sponsored Actors Target US Critical Infrastructure

AA24-131A • Published May 10, 2024

Severity: critical

Russian government hackers are actively trying to break into American power plants, water systems, and other critical infrastructure. They're using stolen passwords and known software bugs that many organizations haven't fixed yet. If you run critical infrastructure, you need to patch your systems and enable two-factor authentication immediately.

Overview

This joint Cybersecurity Advisory from CISA, FBI, and NSA warns about Russian state-sponsored cyber actors targeting US critical infrastructure sectors including energy, healthcare, and government. The actors are exploiting default credentials and known vulnerabilities, and are conducting spear-phishing campaigns.

Who Is At Risk

  • Energy sector organizations
  • Healthcare providers
  • Government agencies
  • Defense industrial base
  • Financial services

Affected Products

Microsoft Exchange Server, Fortinet FortiGate, Cisco ASA, VMware vCenter

Immediate Actions

  1. Patch all systems against known exploited vulnerabilities
  2. Enable MFA on all remote access systems
  3. Review Active Directory for suspicious accounts
  4. Block known malicious IPs and domains at firewall
  5. Brief security team on threat indicators

Official Source

https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-131a
