FBI, NSA and CISA Warn of Russian Hackers Targeting Critical Infrastructure
Jan 12, 2022
Amid renewed tensions between the U.S. and Russia over Ukraine and Kazakhstan, American cybersecurity and intelligence agencies on Tuesday released a joint advisory on how to detect, respond to, and mitigate cyberattacks orchestrated by Russian state-sponsored actors.

To that end, the Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), and National Security Agency (NSA) have laid bare the tactics, techniques, and procedures (TTPs) adopted by the adversaries, including spear-phishing, brute-force, and exploiting known vulnerabilities to gain initial access to target networks.

The list of flaws exploited by Russian hacking groups to gain an initial foothold, which the agencies said are "common but effective," is below:

CVE-2018-13379 (FortiGate VPNs)
CVE-2019-1653 (Cisco router)
CVE-2019-2725 (Oracle WebLogic Server)
CVE-2019-7609 (Kibana)
CVE-2019-9670 (Zimbra software)
CVE-2019-10149 (Exim Simple Mail Transf