CISA and FBI Release Joint Advisories Regarding Russian and Iranian APT Actors

Cybersecurity and Infrastructure Security Agency (CISA) - Defend Today, Secure Tomorrow

You are subscribed to no topic for Cybersecurity and Infrastructure Security Agency. This information has recently been updated, and is now available.

10/22/2020 01:40 PM EDT

Original release date: October 22, 2020

The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have released two joint cybersecurity advisories on widespread advanced persistent threat (APT) activity.

AA20-296A updates a previous joint CISA-FBI cybersecurity advisory and provides information on Russian state-sponsored actors targeting U.S. state, local, tribal, and territorial (SLTT) government networks, as well as aviation networks. In limited instances, this activity has resulted in unauthorized access to IT systems used by U.S. election officials.

AA20-296B details Iranian APT actors working to influence and interfere with the U.S. elections to sow discord among voters and undermine public confidence in the U.S. electoral process. These actors have taken part in spear-phishing campaigns, website defacements, and disinformation campaigns to spread obtained U.S. voter-registration data, anti-American propaganda, and misinformation about voter suppression, voter fraud, and ballot fraud.

Both joint cybersecurity advisories contain information on exploited vulnerabilities and recommended mitigation actions for affected organizations to pursue.

This product is provided subject to this Notification and this Privacy & Use policy.