Russian state-sponsored cyber actors have regularly targeted US cleared defense contractors since at least January 2020, a US agency said Wednesday. These contractors are private entities authorized by the Department of Defense to access classified information related to intelligence, surveillance and the development of weapons and missiles.
The Cybersecurity and Infrastructure Security Agency released an alert that said these threat actors exfiltrated emails and data that provide them with "significant insight into US weapons platform development and deployment timelines, plans for communications infrastructure, and specific technologies employed by the U.S. government and military."
CISA said the attackers used techniques such as sending spear-phishing emails that link to malicious domains and disguising the links by using publicly available URL shortening services.
In the alert, CISA, the FBI and the NSA urged cleared defense contractors to take a number of safety measures, including enforcing strong passwords and enabling multifactor authentication for all users.
US agencies have in recent years reported Russian state-sponsored hackers conducting the massiveand , plus .