You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
CISA, along with numerous partners (including the FBI, NSA, ASD's ACSC, and many other national security and intelligence agencies) have released a joint advisory on the Russian General Staff Main Intelligence Directorate (GRU) 161st Specialist Training Center (Unit 29155). GRU Unit 29155 have been responsible for computer network operations against global targets and critical infrastructure for the purposes of espionage, sabotage, and reputational harm since at least 2020.
## Recommendation
The WA SOC recommends administrators review relevant advisories and apply the recommended actions to all affected devices.
Russian Military Cyber Actors Target US and Global Critical Infrastructure: <https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-249a>
The key immediate recommended mitigations include:
- Prioritising routine system updates and remediating known exploited vulnerabilities.
- Segmenting networks to prevent the spread of malicious activity.
- Enabling phishing-resistant multifactor authentication (MFA) for all externally facing account services, especially for webmail, virtual private networks (VPNs), and accounts that access critical systems.
