{
  "Event": {
    "analysis": "1",
    "date": "2022-05-09",
    "extends_uuid": "",
    "info": "[Threat Intel] Russian State-Sponsored and Criminal Cyber Threats to Critical Infrastructure",
    "protected": false,
    "publish_timestamp": "1772407549",
    "published": true,
    "threat_level_id": "1",
    "timestamp": "1772407546",
    "uuid": "50c5a354-30ff-476a-be77-c2e02f741137",
    "Orgc": {
      "name": "Rectifyq",
      "uuid": "cd9bd516-61fa-476b-980f-2f8de03992d4"
    },
    "Tag": [
      {
        "colour": "#ffffff",
        "local": false,
        "name": "tlp:clear",
        "relationship_type": ""
      },
      {
        "colour": "#004646",
        "local": false,
        "name": "type:OSINT",
        "relationship_type": ""
      },
      {
        "colour": "#0088cc",
        "local": false,
        "name": "misp-galaxy:producer=\"CISA\"",
        "relationship_type": ""
      },
      {
        "colour": "#0088cc",
        "local": false,
        "name": "misp-galaxy:country=\"russia\"",
        "relationship_type": ""
      },
      {
        "colour": "#49a260",
        "local": false,
        "name": "rectifyq:category=\"threat\"",
        "relationship_type": ""
      },
      {
        "colour": "#10003d",
        "local": false,
        "name": "rectifyq:sub-category=\"TA-profile\"",
        "relationship_type": ""
      },
      {
        "colour": "#190061",
        "local": false,
        "name": "rectifyq:topic=\"ics-ot\"",
        "relationship_type": ""
      },
      {
        "colour": "#ffd12e",
        "local": false,
        "name": "rectifyq:target=\"broad-based\"",
        "relationship_type": ""
      },
      {
        "colour": "#31373d",
        "local": false,
        "name": "rectifyq:MY-relevancy=\"not-relevant\"",
        "relationship_type": ""
      },
      {
        "colour": "#150050",
        "local": false,
        "name": "rectifyq:sub-category=\"report\"",
        "relationship_type": ""
      },
      {
        "colour": "#0088cc",
        "local": false,
        "name": "misp-galaxy:threat-actor=\"APT28\"",
        "relationship_type": ""
      },
      {
        "colour": "#0088cc",
        "local": false,
        "name": "misp-galaxy:threat-actor=\"APT29\"",
        "relationship_type": ""
      },
      {
        "colour": "#0088cc",
        "local": false,
        "name": "misp-galaxy:threat-actor=\"Gamaredon Group\"",
        "relationship_type": ""
      },
      {
        "colour": "#0088cc",
        "local": false,
        "name": "misp-galaxy:threat-actor=\"Killnet\"",
        "relationship_type": ""
      },
      {
        "colour": "#0088cc",
        "local": false,
        "name": "misp-galaxy:threat-actor=\"MUMMY SPIDER\"",
        "relationship_type": ""
      },
      {
        "colour": "#0088cc",
        "local": false,
        "name": "misp-galaxy:threat-actor=\"SALTY SPIDER\"",
        "relationship_type": ""
      },
      {
        "colour": "#0088cc",
        "local": false,
        "name": "misp-galaxy:threat-actor=\"SCULLY SPIDER\"",
        "relationship_type": ""
      },
      {
        "colour": "#0088cc",
        "local": false,
        "name": "misp-galaxy:threat-actor=\"Sandworm\"",
        "relationship_type": ""
      },
      {
        "colour": "#0088cc",
        "local": false,
        "name": "misp-galaxy:threat-actor=\"TEMP.Veles\"",
        "relationship_type": ""
      },
      {
        "colour": "#0088cc",
        "local": false,
        "name": "misp-galaxy:threat-actor=\"Turla\"",
        "relationship_type": ""
      },
      {
        "colour": "#0088cc",
        "local": false,
        "name": "misp-galaxy:threat-actor=\"UNC2452\"",
        "relationship_type": ""
      },
      {
        "colour": "#0088cc",
        "local": false,
        "name": "misp-galaxy:threat-actor=\"WIZARD SPIDER\"",
        "relationship_type": ""
      },
      {
        "colour": "#0088cc",
        "local": false,
        "name": "misp-galaxy:threat-actor=\"XakNet\"",
        "relationship_type": ""
      },
      {
        "colour": "#f6810a",
        "local": false,
        "name": "ICS-capable",
        "relationship_type": ""
      },
      {
        "colour": "#626567",
        "local": false,
        "name": "rectifyq:no-samples-in=\"MalwareBazaar\"",
        "relationship_type": ""
      },
      {
        "colour": "#626567",
        "local": false,
        "name": "rectifyq:no-samples-in=\"Tria.ge\"",
        "relationship_type": ""
      },
      {
        "colour": "#3800d9",
        "local": false,
        "name": "rectifyq:action-taken=\"VT-comment\"",
        "relationship_type": ""
      },
      {
        "colour": "#0088cc",
        "local": false,
        "name": "misp-galaxy:sector=\"Industrial\"",
        "relationship_type": ""
      },
      {
        "colour": "#b94b1d",
        "local": false,
        "name": "rectifyq:mitre-att&ck=\"none-from-src\"",
        "relationship_type": ""
      }
    ],
    "Attribute": [
      {
        "category": "External analysis",
        "comment": "",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1772335043",
        "to_ids": false,
        "type": "link",
        "uuid": "030249e4-f0d2-4a3c-bc23-d45e18eb6a9a",
        "value": "https://www.cisa.gov/news-events/cybersecurity-advisories/aa22-110a"
      },
      {
        "category": "External analysis",
        "comment": "",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1772338277",
        "to_ids": false,
        "type": "link",
        "uuid": "c5a55c37-8e06-4d1a-947a-a27e4fa8b52f",
        "value": "https://www.cisa.gov/sites/default/files/publications/AA22-110A_Joint_CSA_Russian_State-Sponsored_and_Criminal_Cyber_Threats_to_Critical_Infrastructure_4_20_22_Final.pdf"
      }
    ]
  }
}