CISA issues advisory on state-sponsored hacking amid Russia, Ukraine tension

The advisory singled out critical infrastructure as being especially at risk.
Swiss police officers stand at the entrance of the U.S. Permanent Mission in Geneva ahead of talks over Ukraine on Jan. 10, 2022. (Photo by FABRICE COFFRINI / AFP via Getty Images)

The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency Tuesday advised cybersecurity professionals to be on alert for attacks from Russian state-sponsored hackers.

The DHS warning, issued alongside the National Security Agency and the Federal Bureau of Investigation, singled out critical infrastructure as being especially at risk. Russian state-sponsored hackers have in the past been able to gain access to energy networks in the U.S. and abroad. Most notably, in 2015 and 2016, suspected Russian hackers launched cyberattacks against Ukrainian power sources, leading to severe outages.

The advisory coincides with ongoing tension between the United States and Russia over Russia’s military buildup in Ukraine. The White House warned that the U.S. will take action if Russian troops enter the country. (The Kremlin has denied any plans to attack Ukraine.)

Russian hackers previously went after state and local governments and aviation networks in early 2020, compromising networks and stealing data from victims.


The advisory lists 14 known vulnerabilities exploited by suspected Russian hacking groups in the past. The agencies warn that threat actors rely on “common but effective tactics—including spearphishing, brute force, and exploiting known vulnerabilities against accounts and networks with weak security—to gain initial access to target networks.”

Logging is key!” NSA cybersecurity director Rob Joyce tweeted. “With Russian focus on persistent access to compromised networks, you need robust logs and focused effort to hunt, find, and kick them out.”

Russia declared war against Ukraine on Feb. 24., 2022. Before, during and after the military campaign began, the CyberScoop staff has been tracking the cyber dimensions of the conflict.

This story was featured in CyberScoop Special Report: War in Ukraine

Tonya Riley

Written by Tonya Riley

Tonya Riley covers privacy, surveillance and cryptocurrency for CyberScoop News. She previously wrote the Cybersecurity 202 newsletter for The Washington Post and before that worked as a fellow at Mother Jones magazine. Her work has appeared in Wired, CNBC, Esquire and other outlets. She received a BA in history from Brown University. You can reach Tonya with sensitive tips on Signal at 202-643-0931. PR pitches to Signal will be ignored and should be sent via email.

Latest Podcasts