The Cybersecurity and Infrastructure Security Agency (CISA), the FBI, and the National Security Agency issued a joint cybersecurity advisory on Jan. 11, warning critical infrastructure organizations of cyberthreats from Russian state-sponsored hackers in an effort to help reduce the risks posed by such threats. “Historically, Russian state-sponsored advanced persistent threat (APT) actors have used common but effective tactics—including spearphishing, brute force, and exploiting known vulnerabilities against accounts and networks with weak security—to gain initial access to target networks,” the advisory reads. Officials listed a string of known vulnerabilities that have been exploited by suspected Russian hacking groups in the past. “Russian state-sponsored APT actors have also demonstrated sophisticated tradecraft and cyber capabilities by compromising third-party infrastructure, compromising third-party software, or developing and deploying custom malware,” the advisory reads. “The actors have also demonstrated the ability to maintain persistent, undetected, long-term access in compromised environments—including cloud environments—by using legitimate credentials.” Officials said that …