UK cyber security chiefs have issued a new warning to Government bodies, tech companies and financial institutions to ensure they are safe from Russian state-backed hackers.
The latest advice from the National Cyber Security Centre (NCSC), penned alongside US security agencies, shares the most recent tactics used by the SVR – Russia’s foreign intelligence service – to collect information that could help it in future cyber operations.
This could include efforts to help Russia in its ongoing invasion of Ukraine, according to the agencies.
PATCH! PATCH! PATCH! 🛡️Today, the NCSC and partners in the 🇺🇸 have issued a joint advisory containing known vulnerabilities that are being exploited by Russia’s Foreign Intelligence Service (SVR), also known as APT29 👇https://t.co/cWsgUYChLg
— NCSC UK (@NCSC) October 10, 2024
The advisory warns SVR attackers are exploiting cyber vulnerabilities on a massive scale, and have two types of intended victims for their actions.
The first of these are “targets of intent”, and include Government and diplomatic bodies, think tanks, tech companies, and financial institutions.
The second are “targets of opportunity”, where the SVR scans internet systems to look for vulnerabilities that could be exploited.
Once either kind of victim has been compromised, follow-up attacks by the SVR are likely, the advisory said.
UK organisations who believe they have been subject to the kind of Russian cyber attack highlighted in the advice are being urged to report it to the NCSC.
NCSC director of operations Paul Chichester said: “Russian cyber actors are interested in and highly capable of accessing unpatched systems across a range of sectors, and once they are in, they can exploit this access to meet their objectives.
“All organisations are encouraged to bolster their cyber defences: take heed of the advice set out within the advisory and prioritise the deployment of patches and software updates.”