Hello, Guest!

US, UK, Canada Issue Warning Against Pro-Russian Hacktivist Threat to Critical Infrastructure

US, UK, Canada Issue Warning Against Pro-Russian Hacktivist Threat to Critical Infrastructure

Cybersecurity agencies from the United States, the United Kingdom and Canada have issued a joint warning about Russian hacktivists’ threat to operational technology systems.

A new report titled “Defending OT Operations Against Ongoing Pro-Russia Hacktivist Activity” revealed that pro-Russia threat actors have compromised small-scale OT systems across North America and Europe.

“This year we have observed pro-Russia hacktivists expand their targeting to include vulnerable North American and European industrial control systems,” said David Luber, director of cybersecurity at the National Security Agency, which partnered with multiple government agencies from the U.S., the U.K. and Canada to publish the report.

According to authorities, malicious activities associated with pro-Russian hacktivists have been observed since 2022. In early 2024, the Cybersecurity and Infrastructure Security Agency and the FBI responded to multiple cyber incidents in the water and wastewater systems sector.

In one incident, a water facility near the Texas-New Mexico border malfunctioned, causing a water tank to overflow. Google-owned cybersecurity firm Mandiant linked the malfunction to the Sandworm hacking operation, which is associated with the Russian military intelligence directorate GRU.

In each cyberattack, hacktivists disrupt critical infrastructure organizations by manipulating human-machine interfaces. The cyber actors typically max out set points, change settings, or turn off alarms to cause critical machinery to exceed normal operating parameters.

The authoring agencies advised critical infrastructure operators to limit the exposure of their OT systems from the internet, implement multifactor authentication and use unique passwords.

;