Russian intelligence services continue to pose significant threats to US, reveals FBI-NCSC joint bulletin

The U.S. Federal Bureau of Investigation (FBI) and the National Counterintelligence and Security Center (NCSC) issued a joint bulletin highlighting that despite significant military setbacks following the Ukraine invasion, Russian intelligence services persist as a significant threat to the U.S. The document explicitly highlights the continuous focus of Russian intelligence services and their associates on targeting the U.S. through espionage, influence operations, and cyber activities, while striving to undermine U.S. and allied support for Ukraine.

“Their targets include the U.S. Government, commercial and private sectors to gain valuable information regarding U.S. plans and intentions, military, and technology advances. They also target the American public to sow dissent in our society,” the NCSC detailed in a LinkedIn post. The publication provides a number of steps “that can help you, your organization, and your community be more aware of and better prepared to defend against Russian intelligence efforts.”

In recent months, the U.S. government has sanctioned several Russian intelligence operatives and their associates for activities targeting the U.S., and authorities across Europe have arrested and charged a number of suspected Russian spies in their nations, the bulletin said. “Even so, in public remarks in September 2023, FBI Director Christopher Wray warned the number of Russian intelligence officers operating in the United States is ‘still way too big.’”

Regarding espionage, the FBI-NCSC bulletin identified that the Russian intelligence services recruit sources and agents to collect information on economic, political, security, and technological developments affecting Russia’s interests. 

“Russia continues to target a wide array of sectors to gain access to information and procure material of interest. These targeted sectors include government entities, academic institutions and think tanks, non-governmental organizations and activist groups, international organizations, media entities, and high-technology companies,” the bulletin identified. “Through existing professional accesses or networks, the RIS also seek out individuals sympathetic to Russia’s causes to serve as collectors within organizations. The RIS reach out through both in-person meetings and online contact, often under the guise of seemingly innocuous professional or personal outreach, to individuals possessing insider knowledge of sectors of interest whom they hope to use as sources,” it added.

The bulletin indicated that in the realm of cyber operations, Russian intelligence services direct their focus towards government and private sector computer networks, as well as specific individuals of interest, with the objective of pilfering information, monitoring targets, and laying the groundwork for potential disruptive or damaging cyber assaults on critical infrastructure. “They exploit known and unknown software vulnerabilities, often taking advantage of weak security, including slow patching, poor configuration, weak passwords, and lack of two-factor authentication,” it added.

Russia’s malign influence efforts are ongoing and blend covert intelligence operations with overt efforts by Russian government agencies, state-funded media, third-party intermediaries, and social media personas to sow and exacerbate division among the U.S. public and undermine democratic processes, according to the FBI-NCSC bulletin. Russia seeks to use unwitting U.S. persons and others to propagate information intended to influence the public by forwarding, sharing, liking, or discussing unsubstantiated or misleading narratives, and by spreading stolen, leaked, or fabricated information, amplifying the reach of the original information.

The bulletin identified that the persistent focus of the Russian intelligence services is on targeting the U.S. public, private sector, academia, and other institutions. It intends to obstruct U.S. policy goals and erode U.S. strategic advantage through the loss of sensitive U.S. government information, proprietary scientific research, and new technologies; and result in economic loss for individuals and U.S. companies through intellectual property theft. It also weakens public trust in U.S. institutions; increases social divisions that weaken the U.S. domestically and internationally; and enhances support for Russia’s preferred policy positions. 

The FBI-NCSC document outlined a set of measures for organizations to enhance their awareness and bolster preparedness against the endeavors of Russian intelligence services. These include maintaining insider threat awareness through workforce training by implementing reporting mechanisms; and engaging in proper vetting of employees, students, and research networks as appropriate. The bulletin also suggests enhancing the organization’s cyber posture; following best practices for identity and access management, protective controls, and vulnerability management.

The document also recommends verifying unsolicited professional outreach and evaluating the origin and professional networks surrounding the source of outreach. It also suggests evaluating the information source and narratives encountered online, in news media, and in mass or social media; seeking information from multiple sources; and comparing information across multiple media platforms.

During a recent forum on the future of homeland defense, Air Force Gen. Glen D. VanHerck, commander of the U.S. Northern Command, highlighted the profound challenges facing the nation’s security. He emphasized that the nation’s ability to demonstrate resilience in the face of these multifaceted challenges is crucial for the Department of Defense (DOD) to deter threats and uphold global stability effectively. Expressing the gravity of the situation, he noted that the current threat landscape is the most complex he has encountered in his extensive three-decade career in service.

Anna Ribeiro

Industrial Cyber News Editor. Anna Ribeiro is a freelance journalist with over 14 years of experience in the areas of security, data storage, virtualization and IoT.