Understanding and Mitigating Russian State-Sponsored Cyber Threats to U.S. Critical Infrastructure


WaterISAC and EPA, in cooperation with water sector associations, developed an advisory to present important information to the water sector on two recent cybersecurity advisories by the United States Government. On December 16, 2021, the Cybersecurity and Infrastructure Security Agency (CISA), FBI, and the National Security Agency issued a joint advisory on Russian state-sponsored cyber operations against United States critical infrastructure. It complemented a December 15, 2021 CISA publication - Preparing For and Mitigating Potential Cyber Threats. These Advisories asserted that due to persistent cyber-threats from sophisticated actors, including nation-states and their proxies, critical infrastructure owners and operators should take immediate steps to strengthen their computer network defenses. 

The Advisory by WaterISAC and EPA distills key information for the water sector from these recent publications, including commonly observed tactics, techniques, and procedures; detection actions; incident response guidance; and mitigations. It is designed to help water and wastewater system owners and operators reduce the risk presented by these threats and to encourage the adoption of a heightened state of awareness. The Advisories are TLP:AMBER. They are intended only for water and wastewater system owners and operators, along with state, local, tribal, and territorial government officials and private sector organizations that directly support water and wastewater system operations.