USA and United Kingdom warn that Russian Federation has been hacking routers worldwide

Share

"Since 2015, the U.S. Government received information from multiple sources-including private and public sector cybersecurity research organizations and allies-that cyber actors are exploiting large numbers of enterprise-class and SOHO/residential routers and switches worldwide", said the technical alert published by the U.S. Department of Homeland Security.

The attacks targeted routers that form a key part of the internet infrastructure, in a move that could be used in the future to launch offensive attacks.

This could be used be used to mount a future offensive, it warned.

And two: "Encourage industry to secure the devices we depend on", White House cybersecurity coordinator Rob Joyce said.

Intelligence gathered by the U.S. and United Kingdom suggested that millions of machines directing data around the net were being targeted, he said. Second, this type of attack strategy lets Russian Federation peer at the data that's passing through compromised devices, whether it's personal of business related. Attackers also sought to undermine the firewalls and intrusion detection systems organisations used to spot malicious traffic before it reached users.

There were reports that the Pentagon had detected a 2,000% increase in Russian-linked bots on social media in the hours after Saturday's strikes. But it is too early to know for sure if this is the case, since it takes time to spot this - if it is spotted at all - and to be sure it is Russian.

It is worth saying that Britain and the USA will be carrying out nearly identical activities in Russia, pre-positioning in Russian networks to be able to respond.

"When we see malicious cyber-activity, whether Kremlin or other nation state actors, we are going to push back", said Mr Joyce.

"Russia is our most capable hostile adversary in cyberspace so dealing with their attacks is a major priority for the National Cyber Security Centre and our USA allies", he said.

According to Martin, numerous techniques used by Russian Federation, "exploit basic weaknesses in network systems".

The targets number in the millions, officials say, and include "primarily government and private-sector organisations, critical infrastructure providers, and the internet service providers (ISPs) supporting these sectors". Finally, the alert outlined what erratic hardware behavior should indicate a device has been compromised.

"For over twenty years, GCHQ has been tracking the key Russian cyber-attack groups and today's joint UK-US alert shows that the threat has not gone away".

The machines make particularly attractive targets as they are the nexus for massive amounts of internet traffic and tend to be maintained far less diligently than the devices that people use every day, like computers and mobile devices.

"The UK government will continue to work with the USA, other worldwide allies and industry partners to expose Russia's unacceptable cyber behaviour, so they are held accountable for their actions".

Share