14,932
edits
Changes
Jump to navigation
Jump to search
Line 2:
Line 2: − + + + + + +
→Types
==Types==
==Types==
Threat actors can be cybercriminals, insiders, and/or nation-states.
Threat actors can be cybercriminals, insiders, and/or nation-states.
===State-Sponsored==
Historically, state-sponsored advanced persistent threat (APT) actors have used [[Phishing|spearphishing]], brute force, and exploiting known vulnerabilities against accounts and networks with weak security.
==Russian==
* Russian-sponsored cyberattacks have been able to gain access via vulnerabilities in FortiGate VPNs, Cisco routers, Oracle WebLogic Servers, Kibana software, Zimbra software, Exim Simple Mail Transfer Protocol, Pulse Secure, Citrix, Microsoft Exchange, VMWare, and F5 Big-IP
* Recent high-profile cyberattacks targeted state, local, tribal, and territorial governments and aviation networks between September and December 2020, engaged in a global Energy Sector intrusion campaign between 2011 and 2018, and disrupted Ukrainian critical infrastructure in 2015, 2016, and 2022.<ref>[https://www.cisa.gov/uscert/ncas/alerts/aa22-011a Understanding and Mitigating Russian State-Sponsored Cyber Threats to U.S. Critical Infrastructure, CISA.gov]</ref>
==Classifications==
==Classifications==