Russia is using compromised computer-network equipment to attack U.S. and British companies and government agencies, the two countries warned in an unprecedented joint alert.
The warning on Monday came from the U.S. Department of Homeland Security and Federal Bureau of Investigation and Britain's National Cyber Security Center. It included advice to companies about how to protect themselves and warned specifically of attacks on routers, the devices that channel data around a network.
“Russian state-sponsored actors are using compromised routers to conduct spoofing 'man-in-the-middle' attacks to support espionage, extract intellectual property, maintain persistent access to victim networks and potentially lay a foundation for future offensive operations,” according to a joint statement. “Multiple sources including private and public-sector cybersecurity research organizations and allies have reported this activity to the U.S. and U.K. governments.”
The main advice offered Monday for individuals and companies: Make sure that your router software is up-to-date and its password is secure.
“Once you own the router, you own the traffic,” Jeanette Manfra, assistant secretary at the Department of Homeland Security, told reporters on a joint conference call.
U.S. and U.K. relations with Vladimir Putin's administration are at a low point, following the alleged use of nerve agent to poison a former double agent in Britain in March and the U.S.-led bombing of Syria over the weekend after the Russian ally's alleged use of chemical weapons on civilians. Britain's GCHQ intelligence agency had already warned that Russia was using its cyber capabilities to target democracies.
The Pentagon has said Russian “trolling” activity increased 2,000 percent after the Syria strike.
While the officials were reluctant to give precise details of the threat, they said once a router had been hacked, it could be used not simply to capture data traveling through it, but also to carry out attacks on other computers, potentially overwhelming the Internet's communications infrastructure.
“It's a tremendous weapon in the hands of an adversary,” Howard Marshall, a deputy assistant director of the FBI, said.
Such attacks, where computers are bombarded with requests from other computers that have already been hacked until they crash, are a well-known weapon in cyberwarfare.
Copyright 2018 Bloomberg. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed.
Complete your profile to continue reading and get FREE access to CUTimes.com, part of your ALM digital membership.
Your access to unlimited CUTimes.com content isn’t changing.
Once you are an ALM digital member, you’ll receive:
- Breaking credit union news and analysis, on-site and via our newsletters and custom alerts
- Weekly Shared Accounts podcast featuring exclusive interviews with industry leaders
- Educational webcasts, white papers, and ebooks from industry thought leaders
- Critical coverage of the commercial real estate and financial advisory markets on our other ALM sites, GlobeSt.com and ThinkAdvisor.com
Already have an account? Sign In Now
© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.
