This Joint Analysis Report (JAR) is the result of analytic efforts between the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI). This document provides technical details regarding the tools and infrastructure used by the Russian civilian and military intelligence Services (RIS) to compromise and exploit networks and endpoints associated with the U.S. election, as well as a range of U.S. Government, political, and private sector entities. The U.S. Government is referring to this malicious cyber activity by RIS as GRIZZLY STEPPE.
One of the most significant cyber threats to businesses and to local and federal government agencies is the Distributed Denial of Service (DDoS) attack. A DDoS attack occurs when an attacker commands a number of computers to send numerous requests to a target computer. The overwhelming flood of requests to the website or computer network can cause it to shut down or fail to handle the requests of legitimate users, much like a rush hour traffic jam on the freeway. This type of attack can completely disrupt an organization’s operations until the network can be restored. Understanding the basic concept and methods of a DDoS attack can help operators of both large and small networks mitigate the severity of the attack.
Authentication establishes the trusted relationship between the user and a system or service and validates their identities to each other. Organizations rely on authentication services to protect important data by limiting access to trusted users. Malicious actors are increasingly interested in exploiting authentication services because organizations rely on them to ensure system integrity and to restrict access to sensitive data to trusted users. US-CERT is providing this advisory to warn organizations about increased threats to and interest in authentication services and to provide recommended best practices to strengthen system integrity.
US-CERT is aware of recent open source reports regarding possible counterfeit Cisco routers. US-CERT originally reported this activity in April 2006. Please note that US-CERT is re-releasing that information in this report for situational awareness purposes due to the new open source reporting and to provide methods for determining if a router is counterfeit.
The National Cyber Security Division (NCSD) United States Computer Emergency Readiness Team (US-CERT) is a partnership between the Department of Homeland Security (DHS) and the public and private sectors. Established in 2003 to protect the nation’s internet infrastructure, US-CERT coordinates defense against and responses to cyber attacks across the nation. The organization interacts with federal agencies, state and local governments, industry professionals, and others to improve information sharing and incident response coordination and to reduce cyber threats and vulnerabilities.