The Department of Homeland Security (“DHS”) and the National Cybersecurity and Communications Integration Center (“NCCIC”) joined together to host an unclassified webinar to brief on Russian government cyber activity against critical infrastructure. The webinar series is offered in response to Russian government actions targeting U.S. Government entities as well as organizations in the energy, nuclear, commercial facilities, water, aviation, and critical manufacturing sectors. The webinar presentation included an overview of recent attack and various common techniques used to infiltrate targets.
The presentation focused its discussion on the penetration of corporate networks and the targeting of control systems. NCCIC emphasized that often threat actors will first attack a “staged target” that has a preexisting relationship with the “intended target.” This strategy is undertaken in order to lay the groundwork for sending phishing emails from what seems like a trusted source, but which actually contains malware. If not careful, clicking on links or opening attachments from these sources can provide threat actors access to the credentials that could open the entire corporation, along with their customers, to a cyberattack.
or at 1-888-282-0870.
A copy of the presentation can be found here: https://www.us-cert.gov/sites/default/files/c3vp/Russian_Activity_Webinar_Slides.pdf
For more information, please contact Kristen Connolly McCullough
or Sean Neal