Russia’s cyber program is an enduring strategic threat to the United States, leveraging advanced capabilities to target critical infrastructure, steal sensitive data, engage in influence campaigns, and further geopolitical goals.
Ongoing tensions, particularly due to the war in Ukraine, have increased the urgency of monitoring and countering Russian cyber operations.
Russian cyber tactics
Russian state-sponsored cyber actors employ a variety of tactics to infiltrate networks and disrupt operations. They often engage in spearphishing and exploit known vulnerabilities to gain initial access. Once inside, they are skilled at maintaining long-term access to compromised IT systems, carrying out extensive reconnaissance and stealing diplomatic, military, and economic information.
Russian cyber actors have demonstrated the ability to deploy destructive malware against critical infrastructure, as seen in attacks on the energy sector in Ukraine. They also target essential systems in the United States, such as satellite technology, underwater cables, and industrial control systems. By compromising this infrastructure, Russia seeks to demonstrate its ability to inflict damage during a crisis.
Supply chain attacks pose another serious threat, as revealed by recent incidents that demonstrate Russia's ability to insert malicious code into trusted software updates, compromising thousands of networks worldwide. Additionally, pro-Russia hacktivists and other criminals have carried out cyber-attacks to advance Russian geopolitical goals. This creates a blurred line between nation-state and criminal activity, which complicates the threat landscape and attribution efforts.
The FBI is staying alert by sharing warnings and teaming up with private sector companies to strengthen defenses against these threats. By keeping the public informed and conducting cyber operations with our partners, the FBI aims to impose costs on Russian cyber actors and safeguard national interests.
News and alerts
-
06.26.2026 Russian Intelligence Services Continue to Target Commercial Messaging Applications
-
04.07.2026 Russian GRU Exploiting Vulnerable Routers to Steal Sensitive Information
-
03.20.2026 Russian Intelligence Services Target Commercial Messaging Application Accounts
-
12.09.2025 Pro-Russia Hacktivists Conduct Opportunistic Attacks Against U.S. and Global Critical Infrastructure
-
08.20.2025 Russian Government Cyber Actors Targeting Networking Devices, Critical Infrastructure
-
05.21.2025 Russian GRU Targeting Western Logistics Entities and Technology Companies
-
10.10.2024 Update on SVR Cyber Operations and Vulnerability Exploitation
-
10.03.2024 Justice Department Disrupts Russian Intelligence Spear-Phishing Efforts
-
09.05.2024 Russian Military Cyber Actors Target U.S. and Global Critical Infrastructure
-
09.05.2024 Five Russian GRU Officers And One Civilian Charged For Conspiring To Hack Ukrainian Government
-
07.09.2024 State-Sponsored Russian Media Leverages Meliorator Software for Foreign Malign Influence Activity
-
05.01.2024 Defending OT Operations Against Ongoing Pro-Russia Hacktivist Activity
-
02.27.2024 Russian Cyber Actors Use Compromised Routers to Facilitate Cyber Operations
-
02.26.2024 SVR Cyber Actors Adapt Tactics for Initial Cloud Access