US, British Governments Warn Businesses Worldwide of Russian Campaign to Hack Routers

Share

"Russian state-sponsored actors are using compromised routers to conduct spoofing "man-in-the-middle" attacks to support espionage, extract intellectual property, maintain persistent access to victim networks and potentially lay a foundation for future offensive operations", according to a joint statement.

"What we've seen in this case is default passwords being exploited, unsecured devices being exploited", said Joyce.

"They could be pre-positioning for use in times of tension", said Ciaran Martin, chief executive of the British Government's National Cyber Security Centre, who added that "millions of machines" were targeted.

The US government also has obtained indictments against Iranian hackers, and accused North Korea of being behind the WannaCry computer worm that affected more than 230,000 computers around the world.

Taylor said while the devices could have been used to access sensitive data, there was "no indication" Australian information had been compromised.

"Extracted configuration files may contain sensitive information, such as device administrative credentials, and could be used to compromise the router/switch and enable targeting of other devices on the network".

The alert urges network device vendors, ISPs, public sector organisations and private corporations of all sizes to read it and act on the recommended mitigation strategies.

Global fears about cyberattacks by Russian Federation are not calming down, and the USA and United Kingdom have just issued a joint alert warning of state-sponsored attacks on network infrastructure devices, including residential routers.

"Russia is our most capable hostile adversary in cyberspace so dealing with their attacks is a major priority for the National Cyber Security Centre and our USA allies", he said.

"And we can also confirm that all of the attacks mentioned in this report have directly affected the United Kingdom".

"The attribution of this malicious activity sends a clear message to Russian Federation - we know what you are doing and you will not succeed", the spokesman added.

"We'll continue to follow the actions of our Russian adversaries and we'll bring every tool to bear against them in every corner of cyber space", said Howard Marshall, Deputy Assistant Director of the Cyber Division at the Federal Bureau of Investigation.

"For over twenty years, GCHQ has been tracking the key Russian cyber-attack groups and today's joint UK-US alert shows that the threat has not gone away". Britain's GCHQ intelligence agency had already warned that Russian Federation was using its cyber capabilities to target democracies.

Share