CISA, FBI issued an advisory that a Russian state-sponsored APT has targeted state and local systems.
A joint advisory from CISA and the FBI warns that Russian state-sponsored APT Havex, or Energetic Bear, has been targeting dozens of state, local, territorial, and tribal (SLTT) government networks. The APT successfully compromised network infrastructure and were able to harvest passwords, IT instructions, vendor and purchasing information, and printable access badges. The advisory notes that there is no evidence that elections data had been compromised in the attack, but the group may seek to use the data to delegitimize SLTT entities in the future.