skip to Main Content

Welcome

Hi there! You’ve got questions? We have answers. Just send us a message and one of our knowledgeable staff will be in contact with you soon.

Get In Touch

Email: info@eoacc.com
Phone: (UK) +44 (0)203 405 2320
Address: UK: Collingham House, 10-12 Gladstone road, Wimbledon, London, SW19 1QT

Our Location

UK: +44(0)203 405 2320 / SA: +27(0)21 300 2380 info@eoacc.com

Cyber security: Evolving tactics from Russian state-linked cyber actors

The UK’s National Cyber Security Centre have highlighted the evolving tactics of Russian state-linked cyber actors.

NCSC has noted that malicious cyber actors linked to Russia’s Foreign Intelligence Service (SVR) have expanded their targeting from governmental, think tank, healthcare and energy organisations to include aviation, education, law enforcement, local and state councils, government financial departments and military organisations.

Traditionally, SVR actors have exploited software vulnerabilities to access information held by organisations in these sectors. However, because of the increasing move to cloud-based infrastructure, these traditional approaches are now less effective.

Therefore, NCSC report that tactics have evolved to try and gain access to these cloud-based systems. But since access to cloud-based systems is far more reliant on gaining initial access to the cloud provider, a good baseline of cyber security fundamentals can help to prevent successful attacks.

  • Use of multi-factor authentication, or 2-step verification, and strong unique passwords are good ways to mitigate and defend against this type of malicious cyber activity.
  • Making sure that user and system accounts are disabled when employees leave is also key, as dormant or inactive accounts are often involved in a successful cyber attack.

Additional information and mitigation strategies are set out in NCSC’s advisory, which can be found here: https://www.ncsc.gov.uk/news/svr-cyber-actors-adapt-tactics-for-initial-cloud-access

Author

Back To Top