Russia Cyber Threat Overview and Advisories

CISA works to ensure U.S. critical infrastructure, government partners, and others have the information and guidance to defend themselves against Russia state-sponsored cybersecurity activity.

"Russia will pose an enduring global cyber threat even as it prioritizes cyber operations for the Ukrainian war. Moscow views cyber disruptions as a foreign policy lever to shape other countries' decisions and continuously refines and employs its espionage, influence, and attack capabilities against a variety of targets. Russia maintains its ability to target critical infrastructure, including underwater cables and ICS, in the U.S. as well as in allied and partner countries." - ODNI Threat Assessment

Prioritizing patching of known exploited vulnerabilities is key to strengthening operational resilience against this threat.

Outline of the country of Russia with flag and binary number background

SVR-Affiliated Activity

The U.S. government and partners have attributed cyber espionage activities to the Russian Foreign Intelligence Service (SVR), including the SolarWinds compromise. SVR Cyber Actors Adapt Tactics for Initial Cloud Access details SVR-affiliated “Midnight Blizzard” activities.

View advisory

CISA and Joint CISA Advisories

Review Russia-specific advisories here.

View Advisories

Key Resources

Defending Against Nation-State Cyber Threats

Find more information on nation-state adversaries and related resources.