The Department of Homeland Security and the Federal Bureau of Investigation (FBI) released a report that sheds light on the tools Russian intelligence officers used to compromise the networks and infrastructure associated with the recent U.S. presidential election.
The agencies’ Joint Analysis Report, released Dec. 29, reveals that Russia’s decade-long cyber operations include phishing attempts and campaigns targeting government organizations, critical infrastructure, think tanks, universities, political organizations, and corporations. Russia’s compromising efforts have not been directed at the U.S. alone; according to the statement, Russian intelligence services have also waged cyberattacks on other countries’ critical infrastructures.
The report offers technical indicators of these cyber operations, and provides recommendations to mitigate such incidents. DHS has added these technical indicators to its Automated Indicator Sharing Service, which provides alerts regarding malicious cyber behavior at machine speed. According to a statement on the DHS website, the U.S. government’s goal is to arm network defenders with the tools they need to combat Russian cyber activity.
“We encourage security companies and private sector owners and operators to look back within their network traffic for signs of the malicious activity described in the Joint Analysis Report,” the statement said. “We also encourage such entities to utilize these indicators in their proactive defense efforts to block malicious cyber activity before it occurs.”
DHS and FBI created the Joint Analysis Report as an expansion of Secretary of Homeland Security Jeh Johnson and Director of National Intelligence James Clapper’s joint statement from Oct. 7. The statement claimed DHS and FBI are confident that the Russian government compromised recent emails from American people and institutions, including political organizations.