Cybersecurity agencies in the US, UK, Australia, Canada and New Zealand have issued another warning to organizations beyond Ukraine’s borders that they may soon be targeted by pro-Russian hackers.
The so-called “Five Eyes” intelligence group published its most detailed threat assessment yesterday, including information on Kremlin-backed units and cybercrime groups that have pledged to support Russia.
The Russian state groups named and shamed in the report are the Russian Federal Security Service (FSB), Russian Foreign Intelligence Service (SVR), Russian General Staff Main Intelligence Directorate (GRU) and the Russian Ministry of Defense, Central Scientific Institute of Chemistry and Mechanics (TsNIIKhM).
The report claimed that the cybercrime groups that could threaten Western critical infrastructure (CNI) organizations include data leak extortionists the CoomingProject, DDoS-ers Killnet, Emotet operators Mummy and Sality botnet developer Salty Spider.
Also included on the list are malware-as-a-service group Scully Spider, Smoke Loader bot developer Smokey Spider, TrickBot and Conti group Wizard Spider and The XakNet Team.
The alert has links to multiple useful resources, a lengthy list of mitigations and technical details on each group, including common tactics, techniques and procedures (TTPs).
National Cyber Security Centre (NCSC) CEO, Lindy Cameron, argued that at a time of heightened tension like this, it’s imperative that organizations plan and invest in “longer-lasting” security measures.
“It is vital that all organizations accelerate plans to raise their overall cyber-resilience, particularly those defending our most critical assets,” she added.
“The NCSC continues to collaborate with our international and law enforcement partners to provide organizations with timely actionable advice to give them the best chance of preventing cyber-attacks, wherever they come from.”
The warning from the Five Eyes group comes after senior US officials also raised the alarm on the CBS show 60 Minutes this week. President Biden issued a similar warning back in March.