Monday’s warning came from the U.S. Department of Homeland Security, the Federal Bureau of Investigation and Britain’s National Cyber Security Center. It warned specifically of attacks on compromised routers, the devices that channel data around a network.
Russia is using compromised computer-network equipment to attack U.S. and British companies and government agencies, the two countries warned in an unprecedented joint alert.
The warning on Monday came from the U.S. Department of Homeland Security and Federal Bureau of Investigation and Britain’s National Cyber Security Center. It included advice to companies about how to protect themselves and warned specifically of attacks on routers, the devices that channel data around a network.
“Russian state-sponsored actors are using compromised routers to conduct spoofing ‘man-in-the-middle’ attacks to support espionage, extract intellectual property, maintain persistent access to victim networks and potentially lay a foundation for future offensive operations,” according to a joint statement. “Multiple sources including private and public-sector cybersecurity research organizations and allies have reported this activity to the U.S. and U.K. governments.”
The main advice offered Monday for individuals and companies: Make sure that your router software is up-to-date and its password is secure.
Most Read Nation & World Stories
- What happens when 25,000 Amazon workers flush toilets?
- 5 things to watch this week in the Mueller probe
- Trump said he thinks 'the people would revolt' if he were impeached
- Trump threatens shutdown in wild encounter with Democrats WATCH
- 4 journalists and a newspaper are Time's Person of the Year
“Once you own the router, you own the traffic,” Jeanette Manfra, assistant secretary at the Department of Homeland Security, told reporters on a joint conference call.
Relations with Putin at low point
U.S. and U.K. relations with Vladimir Putin’s administration are at a low point, following the alleged use of nerve agent to poison a former double agent in Britain in March and the U.S.-led bombing of Syria over the weekend after the Russian ally’s alleged use of chemical weapons on civilians. Britain’s GCHQ intelligence agency had already warned that Russia was using its cyber capabilities to target democracies.
The Pentagon has said Russian “trolling” activity increased 2,000 percent after the Syria strike. Still, all the agencies in Monday’s advisory said their new warning wasn’t related to such recent events. Nor have they found that the attacks on network equipment were being used to target U.S. election systems ahead of congressional elections in November.
“Russia is our most capable hostile adversary in cyberspace,” Ciaran Martin, chief executive officer of Britain’s NCSC, told reporters on a joint conference call. “Many of the techniques used by Russia exploit basic weaknesses in network systems. The Russian cyberattack capability is a global problem.”
While the officials were reluctant to give precise details of the threat, they said once a router had been hacked, it could be used not simply to capture data traveling through it, but also to carry out attacks on other computers, potentially overwhelming the Internet’s communications infrastructure.
“It’s a tremendous weapon in the hands of an adversary,” Howard Marshall, a deputy assistant director of the FBI, said.
Such attacks, where computers are bombarded with requests from other computers that have already been hacked until they crash, are a well-known weapon in cyberwarfare. It is possible that Britain, at least, has even used them: Last week it revealed that it had carried out cyberattacks to disrupt Islamic State’s communications and propaganda effort.