20240906001 (#974)

* 20240906001 * Format markdown docs --------- Co-authored-by: DGOV-Bryce <DGOV-Bryce@users.noreply.github.com>
wagov · Sep 6, 2024 · 859a040 · 859a040
1 parent 387009b
commit 859a040
Showing 1 changed file with 17 additions and 0 deletions.
diff --git a/docs/advisories/20240906001-CISA-Joint-Advisory.md b/docs/advisories/20240906001-CISA-Joint-Advisory.md
@@ -0,0 +1,17 @@
+# CISA Releases New Joint Advisory - 20240906001
+
+## Overview
+
+CISA, along with numerous partners (including the FBI, NSA, ASD's ACSC, and many other national security and intelligence agencies) have released a joint advisory on the Russian General Staff Main Intelligence Directorate (GRU) 161st Specialist Training Center (Unit 29155). GRU Unit 29155 have been responsible for computer network operations against global targets and critical infrastructure for the purposes of espionage, sabotage, and reputational harm since at least 2020.
+
+## Recommendation
+
+The WA SOC recommends administrators review relevant advisories and apply the recommended actions to all affected devices.
+
+Russian Military Cyber Actors Target US and Global Critical Infrastructure: <https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-249a>
+
+The key immediate recommended mitigations include:
+
+- Prioritising routine system updates and remediating known exploited vulnerabilities.
+- Segmenting networks to prevent the spread of malicious activity.
+- Enabling phishing-resistant multifactor authentication (MFA) for all externally facing account services, especially for webmail, virtual private networks (VPNs), and accounts that access critical systems.