The US, Australia, Canada, New Zealand, and the UK today issued a detailed joint advisory on the increased risk of cyberattacks out of Russia — both nation-state espionage and cybercriminal activity.

The advisory, issued by the Cybersecurity and Infrastructure Security Agency (CISA), warns that Russia's invasion of Ukraine could expose organizations both within and beyond the region to increased malicious cyber activity and that the Russian government is actively trying to use cyberattacks against global organizations as a weapon in its war on Ukraine.

Security teams, including those with critical infrastructure providers in the US and beyond, need to prepare for these threats and shore up their defenses against malware, ransomware, distributed denial-of-service (DDoS) attacks, and cyber espionage. The Russian government is attempting to use cyberattacks in retaliation for sanctions as well as support being provided to the Ukraine defense efforts, according to the advisory.

Cybercrime groups have "threatened to conduct cyber operations against countries and organizations providing materiel support to Ukraine," according to the advisory. "Other cybercrime groups have recently conducted disruptive attacks against Ukrainian websites, likely in support of the Russian military offensive."

In a related development, CISA Director Jen Easterly today also announced the addition of a number of industrial control systems (ICS) companies have now joined the Joint Cyber Defense Collaborative (JCDC), a CISA initiative of government and private industry experts to coordinate on US cyber-defense operation plans for protecting and responding to cyberattacks and threats. Members of the JCDC co-authored the joint advisory CISA published today with its international partners.

The new ICS vendors include Bechtel, Claroty, Dragos, GE, Honeywell, Nozomi Networks, Schneider Electric, Schweitzer Engineering Laboratories, Siemens, and Xylem, among others. 

 "As the destruction or corruption of these control systems could cause grave harm, ensuring their security and resilience must be a collective effort that taps into the innovation, expertise, and ingenuity of the ICS community," Easterly said in her announcement of the JCDC news during the ICS conference S4x22 in Miami. "I’m excited to leverage our evolving JCDC platform to enable us to plan, exercise, and collaborate with industry leaders to drive down risk to the systems and networks we depend on so greatly as a nation.”