Canada and Five Eyes allies issue another plea to critical infrastructure firms to prepare for Russian cyber attacks

Share post:

Canada and its allies in the Five Eyes intelligence co-operative have issued another warning to organizations in the critical infrastructure sectors to be prepared for cyberattacks from Russia as a response to governments helping Ukraine. Similar to a warning issued in March, it says “evolving intelligence” indicates that the Russian government is exploring options for potential cyberattacks. Recent Russian state-sponsored cyber operations have included distributed denial-of-service (DDoS) attacks, and older operations have included deployment of destructive malware against Ukrainian government and critical infrastructure organizations. The advisory — co-authored by U.S., Australian, Canadian, New Zealand, and U.K. cyber authorities with contributions from industry members of the Joint Cyber Defense Collaborative (JCDC)— provides an overview of Russian state-sponsored advanced persistent threat (APT) groups, Russian-aligned cyber threat groups, and Russian-aligned cybercrime groups to help the cybersecurity community protect against possible cyber threats. The agencies urge critical infrastructure network defenders to prepare for and mitigate potential cyber threats — including destructive malware, ransomware, DDoS attacks, and cyber espionage — by hardening their cyber defenses and performing due diligence in identifying indicators of malicious activity. They provide a mitigations section of the advisory with recommended hardening actions. The critical infrastructure sector includes financial institutions, energy providers, telecom providers, the healthcare sector, transportation companies, food growers and distributors, manufacturers and governments. They are urged to
  • create, maintain, and exercise a cyber incident response and continuity of operations plan including a ransomware-specific annex;
  • maintain offline (i.e., physically disconnected) backups of data. “Backup procedures should be conducted on a frequent, regular basis,” says the alert. “Regularly test backup procedures and ensure that backups are isolated from network connections that could enable the spread of malware”;
  • ensure all backup data is encrypted, immutable (i.e., cannot be altered or deleted), and covers the entire organization’s data infrastructure.
  • OT (operational technology) assets and networks — such as internet-connected industrial control systems — should have a resilience plan that addresses how to operate if organizations lose access to—or control of—the IT and/or OT environment.
There’s also a link to this version of the alert from the U.S. Cybersecurity and Infrastructure Security Agency with more detailed recommended mitigations for a cyber attack from any threat group, which is a great resource for IT professionals. The lengthy warning also outlines the tactics of many Russian government and Russian-aligned criminal hacking groups. The post Canada and Five Eyes allies issue another plea to critical infrastructure firms to prepare for Russian cyber attacks first appeared on IT World Canada.
Howard Solomon
Howard Solomonhttps://www.itworldcanada.com
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times.

SUBSCRIBE NOW

Related articles

Hertz Data Breach Exposes Customer Information via Supply Chain Hack

Hertz has disclosed a data breach resulting from a cyberattack on its vendor, Cleo Communications, which compromised sensitive...

Google’s New Security Feature – Automatic Reboot

Google is introducing a new security feature in its latest Android update that will automatically reboot phones and...

Cybersecurity Firm Prodaft Buys Hacker Forum Accounts to Monitor Cybercriminal Activity

Swiss cybersecurity company Prodaft has initiated a program to purchase verified and aged accounts on hacking forums, aiming...

Operation Endgame: Burnaby, BC Resident Arrested As Cops Go After Individual Hackers

As part of Operation Endgame, international law enforcement agencies have arrested a Burnaby, British Columbia resident accused of...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways