Following both UK and US officials proclaiming that Russian “trolling” activity was up 2,000% over the weekend – while offering no evidential support for this claim – US Homeland Security, The FBI, and Britain’s National Cyber Security Center issued an unprecedented joint “technical alert” warning that Russia is using compromised computer network equipment to attack U.S. and British companies and government agencies.
Bloomberg reports that the alert included advice to companies about what they can do to protect themselves and warned specifically of attacks on routers, the devices that channel data around a network. The report claims that the attacks could be an attempt by Russia to gain a foothold for use in a future offensive… (pre-crime?)
“Russian state-sponsored actors are using compromised routers to conduct spoofing ‘man-in-the-middle’ attacks to support espionage, extract intellectual property, maintain persistent access to victim networks and potentially lay a foundation for future offensive operations,” according to a joint statement.
Further intelligence about the attacks had been added by “multiple” cyber-security organizations and companies…
“Multiple sources including private and public-sector cybersecurity research organizations and allies have reported this activity to the U.S. and U.K. governments.”
Ciaran Martin, chief executive officer of Britain’s NCSC, said the principal targets of the global campaign were internet service providers, firms running critical infrastructure, government departments and large companies…
“Russia is our most capable hostile adversary in cyberspace…
“This is the first time that in attributing a cyber attack to Russia the US and the UK have, at the same time, issued joint advice to industry about how to manage the risks from attacks.
“It marks an important step in our fight back against state-sponsored aggression in cyberspace.
“For over 20 years, GCHQ has been tracking the key Russian cyber-attack groups and today’s joint UK-US alert shows that the threat has not gone away.
“The UK Government will continue to work with the US, other international allies and industry partners to expose Russia’s unacceptable cyber behaviour, so they are held accountable for their actions.
“Many of the techniques used by Russia exploit basic weaknesses in network systems.
“The NCSC is leading the way globally to issue advice and automate defences at scale to remove those basic attacks, thereby allowing us to focus on the most potent threats.”
Are you scared yet?