CISA Releases New Joint Advisory - 20240906001

Overview

CISA, along with numerous partners (including the FBI, NSA, ASD's ACSC, and many other national security and intelligence agencies) have released a joint advisory on the Russian General Staff Main Intelligence Directorate (GRU) 161st Specialist Training Center (Unit 29155). GRU Unit 29155 have been responsible for computer network operations against global targets and critical infrastructure for the purposes of espionage, sabotage, and reputational harm since at least 2020.

Recommendation

The WA SOC recommends administrators review relevant advisories and apply the recommended actions to all affected devices.

Russian Military Cyber Actors Target US and Global Critical Infrastructure: https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-249a

The key immediate recommended mitigations include:

• Prioritising routine system updates and remediating known exploited vulnerabilities.
• Segmenting networks to prevent the spread of malicious activity.
• Enabling phishing-resistant multifactor authentication (MFA) for all externally facing account services, especially for webmail, virtual private networks (VPNs), and accounts that access critical systems.