- NSA has revealed that Russian state-backed hackers continue to target critical infrastructure networks
- The cybersecurity advisory identifies Russia’s FSB Center 16 as a key threat actor behind ongoing cyber operations
- The defense, energy, healthcare, finance and government sectors are still the primary targets
The National Security Agency, working with partner organizations, has issued a cybersecurity advisory, or CSA, warning that Russian cyber actors continue to threaten networks supporting critical infrastructure sectors.
Join the 2026 Intel Summit on Sept. 24 to hear senior intelligence leaders and industry experts discuss how AI, data, cyber capabilities and secure information-sharing are reshaping intelligence operations amid evolving mission demands and fiscal constraints. Sign up now.
What Threat Does the Advisory Address?
The agency said Monday that the advisory, titled “Improve Router Hygiene to Protect Against Russian State-Sponsored Targeting,” states that the Russian Federal Security Service’s Center 16 is targeting vulnerable networks. According to the NSA, the activity has affected U.S. and foreign organizations in multiple sectors, including the defense industrial base, communications, energy, financial services, government facilities and healthcare.
This latest guidance follows earlier warnings from the NSA and its partners about Russian cyber operations targeting network infrastructure. In April, the agency joined the FBI and international allies in alerting organizations that Russian GRU hackers were exploiting vulnerable routers to steal sensitive information from government, military and critical infrastructure networks.
What Measures Are Recommended?
To reduce the risk of cyberattacks, the CSA recommends that organizations adopt Simple Network Management Protocol v3, enforce strong password policies, disable Cisco Smart Install, block Trivial File Transfer Protocol, Structure of Management Information and Simple Network Management Protocol at the firewall and keep software and firmware up to date by applying security patches. Together, these measures help limit opportunities for exploitation and improve an organization’s resilience against sophisticated cyber threats.
The recommendations reflect the NSA’s broader effort to promote proactive cybersecurity practices through technical guidance addressing evolving threats to critical infrastructure and other high-value networks.







