Analytic efforts between the Department of Homeland Security (DHS) and the FBI uncovered information on Russian government actions targeting U.S. Government entities and multiple other critical infrastructure sectors. This campaign was carried out in two phases: staging and intended targets. Initial victims were most often trusted third-party suppliers, which were used as pivot points to obtain access to their final intended victim networks. The DHS and the FBI believe the ultimate objective is to compromise organizational networks. Banks should update their defense systems with the indicators of compromise provided by the DHS and FBI to help identify and block this attack.
Relevant URL(s): https://www.us-cert.gov/ncas/alerts/TA18-074A