An official website of the United States government
Here's how you know
A .gov website belongs to an official government organization in the United States.
A lock (lock ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Press Release | Feb. 16, 2022

NSA, FBI, CISA Release Advisory on Protecting Cleared Defense Contractor Networks Against Years-Long Activity by Russian State-Sponsored Actors

FORT MEADE, Md. — The Federal Bureau of Investigation (FBI), Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA), and National Security Agency (NSA) published a joint Cybersecurity Advisory today regarding Russian state-sponsored cyber actors ongoing efforts over the last several years to target U.S. cleared defense contractors. The advisory, “Russian State-Sponsored Cyber Actors Target Cleared Defense Contractor Networks to Obtain Sensitive U.S. Defense Information and Technology,” details the industries and information Russian actors have targeted, common adversary tactics, detection and incident response actions, and mitigation recommendations. NSA and its partners assess that continued targeting is likely and recommend organizations apply the mitigations shared in the joint Cybersecurity Advisory.
NSA encourages all U.S. cleared defense contractors (CDC) — with or without evidence of compromise — to apply the mitigations in the advisory to reduce the risk of compromise by Russian state-sponsored cyber actors. While these mitigations are not intended to be all encompassing, they address common TTPs observed in these intrusions and will help to mitigate against common malicious activity.

"Over the last several years, Russian state-sponsored cyber actors have been persistent in targeting U.S. cleared defense contractors to get at sensitive information. Armed with insights like these, we can better detect and defend important assets together,” said Rob Joyce, Director of NSA Cybersecurity.
Review the full joint advisory here.
Visit our full library for more cybersecurity information and technical guidance.