UK and US authorities unite to ‘hold Russia to account’ for sustained cyber offensive

Written by Sam Trendall on 16 April 2018 in News

UK National Cyber Security Centre teams up with FBI and others to issue advice in light of malicious exploits targeting network hardware – including consumer routers

The Kremlin is behind a long-term campaign of malicious cyber activity, UK and US authorities have said

After calling out the Kremlin for undertaking a sustained campaign of cyberattacks, UK and US intelligence services have hailed “a significant moment in the transatlantic fightback against Russia’s aggressive activity in cyberspace”.

The UK National Cyber Security Centre (NCSC) has united with the FBI and the US Department of Homeland Security to issue an “alert about malicious cyber activity carried out by the Russian government”.

The attribution of this activity to Russia follows reports from “multiple sources”, representing cybersecurity research bodies in both the public and private sectors.

“We at the NCSC have been tracking some of these attacks for around a year, and the groups behind them for longer than that,” the organisation’s chief executive Ciaran Martin told reporters on a conference call today.

Russian state-sponsored activity has reportedly been targeted at government entities and private companies – including providers of critical national infrastructure, and internet service providers. The joint statement indicated that attacks have been aimed at network hardware devices, including routers, switches, firewalls, and network intrusion-detection systems. 

Related content

The statement said: “The current state of US and UK network devices, coupled with a Russian government campaign to exploit these devices, threatens our respective safety, security, and economic well-being.”

The attacks have also included concerted attempts to breach consumer and small business devices as a way into the network.

“We have high confidence that Russia has carried out a coordinated campaign to gain access to SOHO (small office/home office) and residential routers,” White House cybersecurity coordinator Rob Joyce told journalists.

Some attacks have seen actors working on behalf of Russia target “compromised routers” to execute ‘man-in-the-middle’ attacks. These incursions are so called because perpetrators effectively insert themselves between two systems that communicate with one another and intercept the information being relayed.

The exploits that have perpetrated by Russia in recent months are being undertaken “to support espionage, extract intellectual property, maintain persistent access to victim networks, and potentially lay a foundation for future offensive operations,” today’s statement said. 

Jeanette Manfra, the foremost cybersecurity official at the Department of Homeland Security, explained that, if you can control routers, you can control traffic, which means that the future threat from Russia could take several forms.

“[Routers] could be used to generate traffic for a DDoS attack, but also for espionage or for offensive cyber campaigning,” she added.

A large number of the Russian exploits could be defended against by adherence to best security practice, the security agencies indicated. To this end, UK and US authorities will be issuing a report containing information on how businesses and individuals can best protect themselves against cyberthreats.

NCSC chief Martin said: “This is a significant moment in the transatlantic fightback against Russia’s aggressive activity in cyberspace. We have called it out before, but never have we joined together… to give advice to industry and citizens.”

He added: “This a very significant moment – we are holding Russia to account, and improving our defences at the same time."


About the author

Sam Trendall is editor of PublicTechnology

Share this page




Please login to post a comment or register for a free account.

Related Articles

Related Sponsored Articles

How digital is helping Defence Medical Services re-imagine HM Armed Forces healthcare
3 February 2021

Defence Medical Services (DMS) is pursuing ground-breaking digital, data and technology transformation which will revolutionise Tri-Service healthcare provision to over 135,000 Armed...

How to Secure Your Microsoft Cloud Estate from Phishing Emails
8 February 2021

Phishing emails are one of the most pernicious threats facing organisations today. If you’ve been leveraging Microsoft 365 and Azure to keep your users productive whilst working remotely, Six...

How Your Privacy Program is a Competitive Differentiator
29 January 2021

OneTrust presents the reasons why your organisation should invest in privacy management - and offers three easy tips for getting started 

Email security incidents happen every 12 hours – it’s time to close the gap in Microsoft 365
21 January 2021

The remote-first world has seen email being relied on more than ever as a core communication mechanism - but with 93% of IT leaders acknowledging a risk to sensitive data, what steps should be...