The Russia-Ukraine conflict may be thousands of miles away, but the effects of the conflict have gone well past the Ukraine’s borders via the digital battlefield. Although the U.S federal government hasn’t been targeted directly, with the cyberattacks focused on Ukranian government agencies, there have been signs of emergent interest by Russian threat actors in international organizations central to the U.S. and European response to Russian aggression. In particular, it appears that Russian threat actors are conducting intelligence collecting missions focused on international organizations led by US and NATO governments that have any role with Russia-Ukraine conflict, specifically those involved in policy and sanctions implementation
In a recent interview, Luke McNamara, Mandiant’s Principal Analyst, discussed how the U.S. federal government can optimize their preparedness activities to protect their delegations to these international organizations and their overseas and domestic assets. “By studying ongoing intrusion campaigns and cyberattacks in other countries, we can better prepare for cyberattacks [on US government agencies],” McNamara explained. “Visibility into Russian operations [in Ukraine] can help us understand how their tools, tactics, and procedures (TTPs) are evolving. We can look at such things like how they’re propagating malware in a target environment and learn from those operations.”
One notably persistent Russian threat actor that government agencies should be aware of and learn from is APT29. According to a report by Mandiant, APT29’s intended “targets have included Western governments, foreign affairs and policymaking bodies, government contractors, universities, and possibly international news outlets.” The report contains several notable threat actors, malware, and other cybersecurity risks that agencies should be aware of.
Agencies need to prepare themselves to be able to counteract cyberattacks quickly and decisively. By keeping cybersecurity teams up to date on the latest attack trends, agencies can better protect themselves from cyberattacks that could disrupt essential services and cause considerable damage to federal infrastructure. Preparation and knowledge are the keys to winning this digital battle.
Learn more about recent cyber threats and attack trends here.