GRIZZLY STEPPE – Russian Malicious Cyber Activity

Overview

On October 7, 2016, the Department Of Homeland Security (DHS) and the Office of the Director of National Intelligence (DNI) issued a joint statement on election security compromises. DHS has released a Joint Analysis Report (JAR) attributing those compromises to Russian malicious cyber activity, designated as GRIZZLY STEPPE.

The JAR package offers technical details regarding the tools and infrastructure used by Russian civilian and military intelligence services (RIS). Accompanying CSV and STIX format files of the indicators are available here:

GRIZZLY STEPPE Indicators (CSV)
GRIZZLY STEPPE Indicators (STIX xml)

DHS recommends that network administrators review JAR-16-20296.pdf below for more information and implement the recommendations provided.

Revisions

December 29, 2016: Initial release
December 29, 2016: Updated CSV and STIX xml files with additional indicators
December 29, 2016: Replaced JAR-16-20296 with JAR-16-20296A, which contains corrected NCCIC contact information

View Publication

JAR_16-20296A_GRIZZLY STEPPE-2016-1229.pdf

Was this document helpful? Yes | Somewhat | No

GRIZZLY STEPPE – Russian Malicious Cyber Activity

Overview

Revisions

View Publication

I Want To

Contact Us

GRIZZLY STEPPE – Russian Malicious Cyber Activity

Overview

Revisions

View Publication

I Want To

Subscribe to Alerts

Contact Us