Earlier this year in February, it was lauded by the UK’s The National Cyber Security Centre that never before seen tactics were seen being attempted by Russian cyber actors. In the blog post by the organization , we follow how the UK’s National Cyber Security Center, a group of 3rd parties referred to as the Five Eyes partners, and their allies, exposed malicious cyber actors and their evolving cyber crime attempts.
“SVR actors have over the past 12 months been observed stealing system-issued access tokens to compromise victim accounts….”
– NCSC
In summary, the probe revealed how Russian state-linked cyber actors are adapting tactics to target organizations transitioning to cloud-based infrastructure. The post highlights the shift towards stealing system-issued access tokens, credential reuse, and password spraying for compromising cloud environments. The NTSC does provide mitigation strategies to counter these evolving tactics.
The NCSC also emphasizes the importance of awareness and encourages organizations to implement recommended measures to defend against these threats. SVR cyber actors, known for previous attacks including the SolarWinds compromise and targeting COVID-19 vaccine development, continue to expand their targets beyond governmental and healthcare sectors. The advisory, jointly published by international cybersecurity agencies, aims to raise awareness and enhance defenses against sophisticated cyber threats.
Leave a Reply