CISA, FBI Release Joint Advisory on Threat Actors Targeting Think Tanks

CISA, FBI Release Joint Advisory on Threat Actors Targeting Think Tanks
Russia-Linked Hackers

The FBI and the Cybersecurity and Infrastructure Security Agency (CISA) are warning that advanced persistent threat (APT) actors are exploiting vulnerabilities in internet-facing devices and remote connections and using spear phishing emails to access networks of U.S. think tanks.

“Increased telework during the COVID-19 pandemic has expanded workforce reliance on remote connectivity, affording malicious actors more opportunities to exploit those connections and to blend in with increased traffic,” the advisory reads. 

The advisory from CISA and the bureau listed several tactics, techniques and procedures APT actors used to target think tanks, including defense evasion and privilege escalation techniques and those used to gain initial and credential access. 

The two agencies advised users at think tanks to be aware of tailored spear phishing attacks, log off remote connections when not in use and use different passwords for personal and corporate accounts, among others. 

Cybersecurity and information technology professionals at think tanks should also take steps, such as segregating and segmenting networks and functions, implementing multifactor authentication for corporate accounts and fielding antivirus software on organizational devices.

You may also be interested in...

Huntington Ingalls

Huntington Ingalls Board Elects Kari Wilkinson as EVP, Shipbuilding Division President

Huntington Ingalls Industries’ (HII) Board of Directors has elected Kari Wilkinson, Ingalls’ vice president, program management, to serve as executive vice president of HII and president of the Shipbuilding division, effective April 1st. She will succeed Brian Cuccias, who will retire in April. Wilkinson will report to HII executive vice president and chief operating officer Chris Kastner