Threat Intel Solutions

* [ICS/OT Security](/ics-ot-security)* [Cyberattacks -& Data Breaches](/cyberattacks-data-breaches)* [Cyber Risk](/cyber-risk)* [Vulnerabilities -& Threats](/vulnerabilities-threats)Feds Warn on Russian Actors Targeting Critical Infrastructure Feds Warn on Russian Actors Targeting Critical Infrastructure===========================================================================================================================In the past, Putin’s Unit 29155 has utilized malware like WhisperGate to target organizations, particularly those in Ukraine.  [Dark Reading Staff](/author/dark-reading-staff), Dark ReadingSeptember 6, 2024 1 Min Read  Source: vchal via Alamy Stock Photo [](https://www.linkedin.com/sharing/share-offsite/?url=https://www.darkreading.com/ics-ot-security/feds-warn-russian-actors-targeting-critical-infrastructure)[](http://www.facebook.com/sharer/sharer.php?u=https://www.darkreading.com/ics-ot-security/feds-warn-russian-actors-targeting-critical-infrastructure)[](http://www.twitter.com/intent/tweet?url=https://www.darkreading.com/ics-ot-security/feds-warn-russian-actors-targeting-critical-infrastructure)[](/cdn-cgi/l/email-protection#427d313720282721367f04272631621523302c622d2c62103731312b232c620321362d3031621623302527362b2c256201302b362b21232e620b2c24302331363037213637302764232f3279202d263b7f0b677072362a2d37252a36677072362a27677072242d2e2e2d352b2c2567707224302d2f67707206233029677072102723262b2c256770722f2b252a366770722b2c3627302731366770723b2d376c677206677203677206677203677072042726316770721523302c6770722d2c677072103731312b232c6770720321362d30316770721623302527362b2c2567707201302b362b21232e6770720b2c2430233136303721363730276772066772032a363632316771036770046770043535356c26233029302723262b2c256c212d2f6770042b21316f2d366f31272137302b363b677004242726316f3523302c6f303731312b232c6f2321362d30316f3623302527362b2c256f21302b362b21232e6f2b2c243023313630372136373027)[](https://www.reddit.com/submit?url=https://www.darkreading.com/ics-ot-security/feds-warn-russian-actors-targeting-critical-infrastructure&title=Feds%20Warn%20on%20Russian%20Actors%20Targeting%20Critical%20Infrastructure) The United States, alongside several of its allies including the UK, are accusing the Russian military of attacking global critical infrastructure units through malicious cyber operations bent on espionage, sabotage, and reputational damage.The FBI, NSA, and CISA have published a joint advisory assessing the cyber actors affiliated with the Russian GRU 161st Specialist Training Center, otherwise known as Unit 29155. The group has been active since 2020, but began deploying [WhisperGate malware](https://www.darkreading.com/threat-intelligence/russian-apt-cadet-blizzard-ukraine-wiper-attacks) against Ukrainian organizations in January 2022.In addition to leveraging the malware against Ukrainian victims, the group has also conducted network operations against numerous members of [NATO](https://www.darkreading.com/cyberattacks-data-breaches/hack-crew-responsible-for-stolen-data-nato-investigates-claims) in North America and Europe, as well as targets in Latin America and Central Asia. These operations include website defacements, infrastructure scanning, data exfiltration, and data leaking.[According to the advisory](https://media.defense.gov/2024/Sep/05/2003537870/-1/-1/0/CSA-Russian-Military-Cyber-Target-US-Global-CI.PDF), ‘Unit 29155 cyber actors are known to target critical infrastructure and key resource sectors, including the government services, financial services, transportation systems, energy, and healthcare sectors.’Though overt attacks on critical infrastructure are concerning, the issue goes further than that.’While cyberattacks against critical infrastructure are certainly concerning, it is even more concerning to imagine that adversaries could gain access to systems without our knowledge and [remain hidden until an issue occurred](https://www.darkreading.com/vulnerabilities-threats/volt-typhoon-hits-multiple-electric-cos-expands-cyber-activity), and could then be used to take down critical tools, utilities, or communication systems,’ said Erich Kron, security awareness advocate at KnowBe4. Kron cited ‘vendors providing services to these critical infrastructure partners’ as being at high risk for related attacks as well.Organizations can mitigate against these kinds of threats by prioritizing routine system updates and remediating known exploited vulnerabilities; segmenting networks to prevent the spread of malware or malicious activity; and enabling phishing-resistant multifactor authentication, especially for webmail, VPNs, and critical system accounts. [](https://www.linkedin.com/sharing/share-offsite/?url=https://www.darkreading.com/ics-ot-security/feds-warn-russian-actors-targeting-critical-infrastructure)[](http://www.facebook.com/sharer/sharer.php?u=https://www.darkreading.com/ics-ot-security/feds-warn-russian-actors-targeting-critical-infrastructure)[](http://www.twitter.com/intent/tweet?url=https://www.darkreading.com/ics-ot-security/feds-warn-russian-actors-targeting-critical-infrastructure)[](/cdn-cgi/l/email-protection#caf5b9bfa8a0afa9bef78cafaeb9ea9dabb8a4eaa5a4ea98bfb9b9a3aba4ea8ba9bea5b8b9ea9eabb8adafbea3a4adea89b8a3bea3a9aba6ea83a4acb8abb9beb8bfa9bebfb8afecaba7baf1a8a5aeb3f783eff8fabea2a5bfada2beeff8fabea2afeff8faaca5a6a6a5bda3a4adeff8faacb8a5a7eff8fa8eabb8a1eff8fa98afabaea3a4adeff8faa7a3ada2beeff8faa3a4beafb8afb9beeff8fab3a5bfe4effa8eeffa8beffa8eeffa8beff8fa8cafaeb9eff8fa9dabb8a4eff8faa5a4eff8fa98bfb9b9a3aba4eff8fa8ba9bea5b8b9eff8fa9eabb8adafbea3a4adeff8fa89b8a3bea3a9aba6eff8fa83a4acb8abb9beb8bfa9bebfb8afeffa8eeffa8ba2bebebab9eff98beff88ceff88cbdbdbde4aeabb8a1b8afabaea3a4ade4a9a5a7eff88ca3a9b9e7a5bee7b9afa9bfb8a3beb3eff88cacafaeb9e7bdabb8a4e7b8bfb9b9a3aba4e7aba9bea5b8b9e7beabb8adafbea3a4ade7a9b8a3bea3a9aba6e7a3a4acb8abb9beb8bfa9bebfb8af)[](https://www.reddit.com/submit?url=https://www.darkreading.com/ics-ot-security/feds-warn-russian-actors-targeting-critical-infrastructure&title=Feds%20Warn%20on%20Russian%20Actors%20Targeting%20Critical%20Infrastructure) About the Author—————- [Dark Reading Staff](/author/dark-reading-staff) Dark Reading Dark Reading is a leading cybersecurity media site. [See more from Dark Reading Staff](/author/dark-reading-staff) Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox. [Subscribe](https://dr-resources.darkreading.com/free/w_defa3135/prgm.cgi)You May Also Like*** ** * ** ***More Insights Webinars* [How to Evaluate Hybrid-Cloud Network Policies and Enhance Security](https://dr-resources.darkreading.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_tufi05&ch=SBX&cid=_upcoming_webinars_8.500001471&_mc=_upcoming_webinars_8.500001471)September 18, 2024* [DORA and PCI DSS 4.0: Scale Your Mainframe Security Strategy Among Evolving Regulations](https://dr-resources.darkreading.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_defa6923&ch=SBX&cid=_upcoming_webinars_8.500001477&_mc=_upcoming_webinars_8.500001477)September 26, 2024* [Harnessing the Power of Automation to Boost Enterprise Cybersecurity](https://dr-resources.darkreading.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_autp86&ch=SBX&cid=_upcoming_webinars_8.500001472&_mc=_upcoming_webinars_8.500001472)October 3, 2024[More Webinars](/resources?types=Webinar) Events* [State of AI in Cybersecurity: Beyond the Hype](https://darkreadingve.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_defa6891&ch=SBX&cid=_session_16.500324&_mc=_session_16.500324)October 30, 2024* [-[Virtual Event-] The Essential Guide to Cloud Management](https://iw-resources.informationweek.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_defa6833&ch=iwkSBX&cid=_session_16.500323&_mc=_session_16.500323)October 17, 2024* [Black Hat Europe – December 9-12 – Learn More](https://www.blackhat.com/upcoming.html#europe?cid=_session_16.500321&_mc=_session_16.500321)December 10, 2024* [SecTor – Canada’s IT Security Conference Oct 22-24 – Learn More](https://www.blackhat.com/sector/2024/?cid=_session_16.500320&_mc=_session_16.500320)October 22, 2024[More Events](/events) ### Editor’s Choice[A person’s finger about to click on a screen that says Windows 11 with a blue abstract background behind it ](/vulnerabilities-threats/poc-exploit-for-zero-click-vulnerability-made-available-to-the-masses)[Vulnerabilities -& Threats](/vulnerabilities-threats) [PoC Exploit for Zero-Click Vulnerability Made Available to the Masses](/vulnerabilities-threats/poc-exploit-for-zero-click-vulnerability-made-available-to-the-masses)[PoC Exploit for Zero-Click Vulnerability Made Available to the Masses](/vulnerabilities-threats/poc-exploit-for-zero-click-vulnerability-made-available-to-the-masses) by[Dark Reading Staff](/author/dark-reading-staff) Aug 27, 2024 1 Min Read [Person holding a cellphone; black background _Tero_Vesalainen_Alamy.jpg?width=700&auto=webp&quality=80&disable=upscale)](/vulnerabilities-threats/how-telecom-vulnerabilities-can-be-a-threat-to-cybersecurity-posture)[Vulnerabilities -& Threats](/vulnerabilities-threats) [How Telecom Vulnerabilities Can Be a Threat to Cybersecurity Posture](/vulnerabilities-threats/how-telecom-vulnerabilities-can-be-a-threat-to-cybersecurity-posture)[How Telecom Vulnerabilities Can Be a Threat to Cybersecurity Posture](/vulnerabilities-threats/how-telecom-vulnerabilities-can-be-a-threat-to-cybersecurity-posture) by[Ayan Halder](/author/ayan-halder) Aug 29, 2024 5 Min Read [CCTV control room ](/ics-ot-security/cctv-zero-day-targeted-by-mirai-botnet-campaign)[ICS/OT Security](/ics-ot-security) [CCTV Zero-Day Exposes Critical Infrastructure to Mirai Botnet](/ics-ot-security/cctv-zero-day-targeted-by-mirai-botnet-campaign)[CCTV Zero-Day Exposes Critical Infrastructure to Mirai Botnet](/ics-ot-security/cctv-zero-day-targeted-by-mirai-botnet-campaign) by[Becky Bracken, Senior Editor, Dark Reading](/author/becky-bracken) Aug 28, 2024 1 Min Read Reports* [Managing Third-Party Risk Through Situational Awareness](https://dr-resources.darkreading.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_cybo171&ch=&cid=_analytics_7.300006016&_mc=_analytics_7.300006016)* [2024 InformationWeek US IT Salary Report](https://iw-resources.informationweek.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_ingg253&ch=sbx&cid=_analytics_7.300006014&_mc=_analytics_7.300006014)* [AI-Driven Testing: Bridging the Software Automation Gap](https://www.informationweek.com/whitepaper/operating-systems/application-acceleration/ai-driven-testing-bridging-the-software-automation-gap/436523?keycode=sbx&cid=_analytics_7.300005927&_mc=_analytics_7.300005927)* [The Foundation for Building Scalable Applications to Fuel Customer Satisfaction and Growth](https://www.informationweek.com/whitepaper/big-data-analytics/big-data/insights-platform-the-foundation-for-building-scalable-applications-to-fuel-customer-satisfaction-and-growth-/436443?keycode=sbx&cid=_analytics_7.300005926&_mc=_analytics_7.300005926)* [Forrester Total Economic Impact Study: Team Cymru Pure Signal Recon](https://www.informationweek.com/whitepaper/cybersecurity/risk-management-security/forrester-total-economic-impact%E2%84%A2-study-team-cymru-pure-signal%E2%84%A2-recon/429373?cid=_analytics_7.300005909&_mc=_analytics_7.300005909)[More Reports](/resources?types=Report) Webinars* [How to Evaluate Hybrid-Cloud Network Policies and Enhance Security](https://dr-resources.darkreading.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_tufi05&ch=SBX&cid=_upcoming_webinars_8.500001471&_mc=_upcoming_webinars_8.500001471)September 18, 2024* [DORA and PCI DSS 4.0: Scale Your Mainframe Security Strategy Among Evolving Regulations](https://dr-resources.darkreading.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_defa6923&ch=SBX&cid=_upcoming_webinars_8.500001477&_mc=_upcoming_webinars_8.500001477)September 26, 2024* [Harnessing the Power of Automation to Boost Enterprise Cybersecurity](https://dr-resources.darkreading.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_autp86&ch=SBX&cid=_upcoming_webinars_8.500001472&_mc=_upcoming_webinars_8.500001472)October 3, 2024[More Webinars](/resources?types=Webinar) White Papers* [The Anatomy of a Ransomware Attack](https://dr-resources.darkreading.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_defa6911&ch=SBX&cid=_whitepaper_14.500005782&_mc=_whitepaper_14.500005782)* [The ROI of RevealX Against Ransomware](https://dr-resources.darkreading.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_defa6910&ch=SBX&cid=_whitepaper_14.500005780&_mc=_whitepaper_14.500005780)* [Purple AI Datasheet](https://dr-resources.darkreading.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_senu27&ch=SBX&cid=_whitepaper_14.500005774&_mc=_whitepaper_14.500005774)* [Generative AI Gifts](https://dr-resources.darkreading.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_senu28&ch=SBX&cid=_whitepaper_14.500005773&_mc=_whitepaper_14.500005773)* [Ten Elements of Insider Risk in Highly Regulated Industries](https://dr-resources.darkreading.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_defa6742&ch=SBX&cid=_whitepaper_14.500005736&_mc=_whitepaper_14.500005736)[More Whitepapers](/resources?types=Whitepaper) Events* [State of AI in Cybersecurity: Beyond the Hype](https://darkreadingve.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_defa6891&ch=SBX&cid=_session_16.500324&_mc=_session_16.500324)October 30, 2024* [-[Virtual Event-] The Essential Guide to Cloud Management](https://iw-resources.informationweek.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_defa6833&ch=iwkSBX&cid=_session_16.500323&_mc=_session_16.500323)October 17, 2024* [Black Hat Europe – December 9-12 – Learn More](https://www.blackhat.com/upcoming.html#europe?cid=_session_16.500321&_mc=_session_16.500321)December 10, 2024* [SecTor – Canada’s IT Security Conference Oct 22-24 – Learn More](https://www.blackhat.com/sector/2024/?cid=_session_16.500320&_mc=_session_16.500320)October 22, 2024[More Events](/events)

Related Tags:
NAICS: 48 – Transportation

NAICS: 921 – Executive

Legislative

Other General Government Support

NAICS: 211 – Oil And Gas Extraction

NAICS: 54 – Professional

Scientific

Technical Services

NAICS: 21 – Mining

Quarrying

Oil And Gas Extraction

NAICS: 62 – Health Care And Social Assistance

NAICS: 623 – Nursing And Residential Care Facilities

NAICS: 541 – Professional

Scientific

Technical Services

NAICS: 52 – Finance And Insurance

Associated Indicators: