State-sponsored Russian hackers are actively seeking to hijack essential internet hardware, US and UK intelligence agencies say.
Britain’s National Cyber Security Centre (NCSC), the FBI, and the U.S. Department of Homeland Security (DHS) issued a joint alert on April 16, warning that the global campaign could be escalated to launch future offensive attacks.
The NCSC even published on its website a Joint US – UK statement on malicious cyber activity carried out by Russian government saying:
The targets of this malicious cyber activity are primarily government and private-sector organisations, critical infrastructure providers, and the internet service providers (ISPs) supporting these sectors.
“Russian state-sponsored actors are using compromised routers to conduct spoofing ‘man-in-the-middle’ attacks to support espionage, extract intellectual property, maintain persistent access to victim networks and potentially lay a foundation for future offensive operations,” it said.
“They could be prepositioning for use in times of tension,” Ciaran Martin, head of the British NCSC said, adding that “millions of machines” used to move traffic across the net were targeted.
In a press conference about the alert, White House cyber-security co-ordinator Rob Joyce said the US and its allies had “high confidence” that Russia was behind the “broad campaign”.
Intelligence gathered by the US and UK suggested that millions of machines directing data around the net were being targeted, he said.
Hackers also sought to undermine the firewalls and intrusion-detection system devices.
Britain and the United States said they issued the alert to help targets protect themselves and persuade victims to share information with government investigators.
Moscow did not yet comment on the allegations. It has denied previous accusations that it carried out cyberattacks on other countries.