Canada and Five Eyes allies issue another plea to critical infrastructure firms to prepare for Russian cyber attacks

Share post:

Canada and its allies in the Five Eyes intelligence co-operative have issued another warning to organizations in the critical infrastructure sectors to be prepared for cyberattacks from Russia as a response to governments helping Ukraine. Similar to a warning issued in March, it says “evolving intelligence” indicates that the Russian government is exploring options for potential cyberattacks. Recent Russian state-sponsored cyber operations have included distributed denial-of-service (DDoS) attacks, and older operations have included deployment of destructive malware against Ukrainian government and critical infrastructure organizations. The advisory — co-authored by U.S., Australian, Canadian, New Zealand, and U.K. cyber authorities with contributions from industry members of the Joint Cyber Defense Collaborative (JCDC)— provides an overview of Russian state-sponsored advanced persistent threat (APT) groups, Russian-aligned cyber threat groups, and Russian-aligned cybercrime groups to help the cybersecurity community protect against possible cyber threats. The agencies urge critical infrastructure network defenders to prepare for and mitigate potential cyber threats — including destructive malware, ransomware, DDoS attacks, and cyber espionage — by hardening their cyber defenses and performing due diligence in identifying indicators of malicious activity. They provide a mitigations section of the advisory with recommended hardening actions. The critical infrastructure sector includes financial institutions, energy providers, telecom providers, the healthcare sector, transportation companies, food growers and distributors, manufacturers and governments. They are urged to
  • create, maintain, and exercise a cyber incident response and continuity of operations plan including a ransomware-specific annex;
  • maintain offline (i.e., physically disconnected) backups of data. “Backup procedures should be conducted on a frequent, regular basis,” says the alert. “Regularly test backup procedures and ensure that backups are isolated from network connections that could enable the spread of malware”;
  • ensure all backup data is encrypted, immutable (i.e., cannot be altered or deleted), and covers the entire organization’s data infrastructure.
  • OT (operational technology) assets and networks — such as internet-connected industrial control systems — should have a resilience plan that addresses how to operate if organizations lose access to—or control of—the IT and/or OT environment.
There’s also a link to this version of the alert from the U.S. Cybersecurity and Infrastructure Security Agency with more detailed recommended mitigations for a cyber attack from any threat group, which is a great resource for IT professionals. The lengthy warning also outlines the tactics of many Russian government and Russian-aligned criminal hacking groups. The post Canada and Five Eyes allies issue another plea to critical infrastructure firms to prepare for Russian cyber attacks first appeared on IT World Canada.
Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times.


Related articles

Socket develops tool to protect developers from npm vulnerabilities

Socket, a security firm, has created a new method for protecting developers from the flaws in npm, GitHub's...

Google spots vulnerabilities in Exynos chips that could affect Androids

Google is urging Android phone owners, such as those who own Samsung, Pixel, or Vivo phones, to take...

Orlando Family Physicians agrees to settle clients affected by data breach

Orlando Family Physicians (OFP) has reached a class action settlement to resolve claims stemming from a 2021 healthcare...

FBI arrests alleged head of BreachForums criminal market

Man arrested in New York state is believed to have run one of the biggest criminal forums in

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways