Russian Cybersecurity Threats: 5 Asks from the FBI

by Gate 15’s Managing Director, Andy Jabbour

I had the opportunity to participate in a call this morning led by the FBI’s Washington Field Office (WFO) and the following “5 Asks” were shared. It was confirmed on the call that the following is TLP:WHITE and could be shared with a public audience. Given the broad, non-specific nature of the threat as Vladimir Putin continues his war against Ukraine, we have shared this broadly and wanted to post for broader awareness. FBI specific comments are shared below. Where I have added to that, I have clearly noted additions.

TLP:WHITE: Subject to standard copyright rules, TLP:WHITE information may be distributed without restriction.

FBI WFO five asks private sector partners to:

  1. Review recent cybersecurity advisories. My add: See CISA’s dedicated page on Russia Cyber Threat Overview and Advisories for updates.
  2. Know your networks; especially if you have even a tangential relationship with Russia and surrounding countries.
  3. Know your Cyber Incident Response plan. If you don’t have one, you should. Make sure the FBI and info sharing are embedded in that plan. Lower your thresholds for reporting. My add: I love this one and am grateful Gate 15 has been able to help organizations develop and exercise these. In addition to sharing with the FBI, share with your ISAC and ISAO too. We posted this yesterday regarding the new GAO report which speaks to that as well: GAO: Improve the coordination and information sharing between CISA and Information Sharing partners .
  4. Report mis, dis, mal information, a tried and true tactic of the Russian government, including on your social media.
  5. In the event of a compromise, please call the FBI.

Two more adds

  • While from WFO, this applies to all FBI offices. Connect with your local field office, your fusion center, and your ISAC/ISAO.
  • Don’t forget, SHIELDS UP! CISA continues to make updates to their Shields Up webpage and we recommend all organization utilize this resource to help prepare for potential Russian-influenced cyber attacks.

Understand the Threats.

Assess the Risks.

Take Action.

Understand the threats! Subscribe to our free daily paper and subscribe to our podcasts!

Take action! Our team specializes in intelligence and analysispreparedness activities to include the development of plans, training, and exercises, and we can help you build the relationships and capabilities you need for effective information sharing operations to support your ability to preventprotect against, mitigaterespond to, and recover from the threats and hazards that pose the greatest risk to your organization in our complex, all-hazards environment.