Attackers are expected to go after targets such as government agencies, diplomatic missions, diplomats, technology companies, and financial institutions around the world. They may also pursue opportunistic goals in the form of organizations with vulnerable agendas.
“Russian cyber actors have an interest in and very good access to undocumented systems in many sectors, and once in, they can use this access to meet their goals. All organizations are encouraged to strengthen their cyber defenses: heed the advice contained within the advisory and prioritize the deployment of patches and software updates,” NCSC Chief Operating Officer Paul Chichester said in a statement.
SVR tactics, techniques, and procedures (TTPs) include spear hacking, password spraying, supply chain and trust abuse, malware, and cloud exploitation to gain initial access and escalation of privileges.
Source link