NCSC exposes campaign by Russian Intelligence Services

The National Cyber Security Centre has joined with its US counterparts to publish a joint advisory exposing malicious cyber activity by Russia’s military intelligence service, the GRU, against organisations globally.

Alongside the US National Security Agency (NSA), Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI), the advisory reveals the tactics, techniques and procedures (TTPs) used in this campaign which has targeted both private and public sector networks from at least mid-2019. Global targets include government and military, defence contractors, energy companies, higher education, logistics, law firms, media, political consultants or political parties and think tanks.

Network defenders are encouraged to follow mitigations outlined in the advisory and, in the first instance, ensure that multi-factor authentication (MFA) is rolled out across systems.