FORT MEADE, Md. — The Federal Bureau of Investigation (FBI), Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA), and National Security Agency (NSA) published a joint Cybersecurity Advisory today regarding Russian state-sponsored cyber actors ongoing efforts over the last several years to target U.S. cleared defense contractors. The advisory, “Russian State-Sponsored Cyber Actors Target Cleared Defense Contractor Networks to Obtain Sensitive U.S. Defense Information and Technology,” details the industries and information Russian actors have targeted, common adversary tactics, detection and incident response actions, and mitigation recommendations. NSA and its partners assess that continued targeting is likely and recommend organizations apply the mitigations shared in the joint Cybersecurity Advisory.
NSA encourages all U.S. cleared defense contractors (CDC) — with or without evidence of compromise — to apply the mitigations in the advisory to reduce the risk of compromise by Russian state-sponsored cyber actors. While these mitigations are not intended to be all encompassing, they address common TTPs observed in these intrusions and will help to mitigate against common malicious activity.
"Over the last several years, Russian state-sponsored cyber actors have been persistent in targeting U.S. cleared defense contractors to get at sensitive information. Armed with insights like these, we can better detect and defend important assets together,” said Rob Joyce, Director of NSA Cybersecurity.
Review the full joint advisory here.
Visit our full library for more cybersecurity information and technical guidance.