FBI, other agencies issue joint cybersecurity advisory on Russian cyber actors targeting U.S., global organizations

Oct 11, 2024 - 01:15 PM
cybersecurity-hand-lock-graphic_900x400

The FBI, along with the National Security Agency, Cyber National Mission Force and United Kingdom鈥檚 National Cyber Security Centre, today released a joint agency advisory on cyber operations by the Russian Federation鈥檚 Foreign Intelligence Service (SVR), also known as APT29, Midnight Blizzard, Cozy Bear, and the Dukes, targeting U.S. and global entities. The agencies recommend prioritizing rapid patch deployment and keeping software up to date to protect against cyberattacks.

鈥淭his alert highlights the SVR鈥檚 aggressive targeting of U.S. critical infrastructure for espionage and possible future offensive cyber operations,鈥 said John Riggi, AHA national advisor for cybersecurity and risk. 鈥淎lthough health care is not cited as being intentionally targeted by this SVR campaign, it is noted that any entity could become a target of opportunity if it has internet-facing vulnerabilities. The SVR takes advantage of opportunistic tactics to host malicious infrastructure, conduct follow-on operations from compromised accounts, or attempt to pivot to other networks on unprotected victim infrastructure. To mitigate this threat and other types of cyberattacks, such as ransomware attacks, it is imperative that health care entities prioritize patching internet-facing vulnerabilities, employ multi-factor authentication and follow the .鈥

For more information on this issue or other cyber and risk matters contact Riggi at jriggi@aha.org. For the latest cyber threat information and resources visit www.aha.org/cybersecurity.

Related News Articles

Headline
Tactics by Scattered Spider cybercriminals highlighted in joint advisory聽
The FBI, Cybersecurity and Infrastructure Security Agency and international agencies July 29 released a joint advisory on recent tactics by the Scattered鈥
Headline
Microsoft says China-based threat actors behind SharePoint attacks聽
Microsoft July 22 released an update on the ongoing cyberattacks to SharePoint servers used within organizations, attributing the incidents to China-based鈥
Headline
Agencies warn of activity by Interlock ransomware
The FBI, Cybersecurity and Infrastructure Security Agency, Department of Health and Human Services, and Multi-State Information Sharing and Analysis Center鈥
Headline
Microsoft issues alert on vulnerabilities in ongoing SharePoint attacks聽
Microsoft July 19 issued an alert about active attacks from vulnerabilities targeting SharePoint servers used within organizations. The incidents have not鈥
Headline
AHA blog: Why and How to Incorporate Physical Security Risk into Your Enterprise Risk Management
In his latest AHA Cyber and Risk Intel blog, Scott Gee, AHA deputy national advisor for cybersecurity and risk, explains how hospitals can prepare for and鈥
AHA Cyber Intel
Why and How to Incorporate Physical Security Risk into Your Enterprise Risk Management
In today鈥檚 heightened threat environment, driven by domestic and geopolitical issues, it is more critical than ever for hospitals to prepare for and mitigate鈥