UK and US authorities unite to ‘hold Russia to account’ for sustained cyber offensive

Written by Sam Trendall on 16 April 2018 in News
News

UK National Cyber Security Centre teams up with FBI and others to issue advice in light of malicious exploits targeting network hardware – including consumer routers

The Kremlin is behind a long-term campaign of malicious cyber activity, UK and US authorities have said

After calling out the Kremlin for undertaking a sustained campaign of cyberattacks, UK and US intelligence services have hailed “a significant moment in the transatlantic fightback against Russia’s aggressive activity in cyberspace”.

The UK National Cyber Security Centre (NCSC) has united with the FBI and the US Department of Homeland Security to issue an “alert about malicious cyber activity carried out by the Russian government”.

The attribution of this activity to Russia follows reports from “multiple sources”, representing cybersecurity research bodies in both the public and private sectors.

“We at the NCSC have been tracking some of these attacks for around a year, and the groups behind them for longer than that,” the organisation’s chief executive Ciaran Martin told reporters on a conference call today.

Russian state-sponsored activity has reportedly been targeted at government entities and private companies – including providers of critical national infrastructure, and internet service providers. The joint statement indicated that attacks have been aimed at network hardware devices, including routers, switches, firewalls, and network intrusion-detection systems. 


Related content


The statement said: “The current state of US and UK network devices, coupled with a Russian government campaign to exploit these devices, threatens our respective safety, security, and economic well-being.”

The attacks have also included concerted attempts to breach consumer and small business devices as a way into the network.

“We have high confidence that Russia has carried out a coordinated campaign to gain access to SOHO (small office/home office) and residential routers,” White House cybersecurity coordinator Rob Joyce told journalists.

Some attacks have seen actors working on behalf of Russia target “compromised routers” to execute ‘man-in-the-middle’ attacks. These incursions are so called because perpetrators effectively insert themselves between two systems that communicate with one another and intercept the information being relayed.

The exploits that have perpetrated by Russia in recent months are being undertaken “to support espionage, extract intellectual property, maintain persistent access to victim networks, and potentially lay a foundation for future offensive operations,” today’s statement said. 

Jeanette Manfra, the foremost cybersecurity official at the Department of Homeland Security, explained that, if you can control routers, you can control traffic, which means that the future threat from Russia could take several forms.

“[Routers] could be used to generate traffic for a DDoS attack, but also for espionage or for offensive cyber campaigning,” she added.

A large number of the Russian exploits could be defended against by adherence to best security practice, the security agencies indicated. To this end, UK and US authorities will be issuing a report containing information on how businesses and individuals can best protect themselves against cyberthreats.

NCSC chief Martin said: “This is a significant moment in the transatlantic fightback against Russia’s aggressive activity in cyberspace. We have called it out before, but never have we joined together… to give advice to industry and citizens.”

He added: “This a very significant moment – we are holding Russia to account, and improving our defences at the same time."

 

About the author

Sam Trendall is editor of PublicTechnology

Share this page

Tags

Categories

CONTRIBUTIONS FROM READERS

Please login to post a comment or register for a free account.

Related Articles

ICO appoints first-ever technology director
15 August 2018

Simon McDougall joins regulator in the role of executive director for technology policy and innovation

 

Government opted not to encrypt Cold War Kremlin hotline as £20,000 cost was deemed too high
31 July 2018

Newly published former top-secret documents reveal that a direct communications link between Downing Street and Mikhail Gorbachev was not encrypted – despite the wishes of the government’s ‘...

Constituents report MP to ICO over alleged data-protection breach in Facebook post
21 June 2018

Data-protection watchdog ‘making enquiries’ after Conservative Gordon Henderson publishes names and partial addresses of local residents who sent him a letter

Related Sponsored Articles

Don’t Gamble with your password resets!
20 June 2018

The cautionary tale of the Leicestershire teenager who hacked high-ranking officials of NATO allies shows the need for improved password security